{"id":"ALSA-2026:20693","summary":"Moderate: mysql8.4 security update","details":"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files.  \n\nSecurity Fix(es):  \n\n  * mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-22004)\n  * mysql: Information Schema unspecified vulnerability (CPU Apr 2026) (CVE-2026-22001)\n  * mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) (CVE-2026-34271)\n  * mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22009)\n  * mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-35237)\n  * mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-21998)\n  * mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22005)\n  * mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-35238)\n  * mysql: DML unspecified vulnerability (CPU Apr 2026) (CVE-2026-35239)\n  * mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22002)\n  * mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-35236)\n  * mysql: JSON unspecified vulnerability (CPU Apr 2026) (CVE-2026-34308)\n  * mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-34303)\n  * mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-35240)\n  * mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22017)\n  * mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-34304)\n  * mysql: Information Schema unspecified vulnerability (CPU Apr 2026) (CVE-2026-22015)\n  * mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) (CVE-2026-34276)\n  * mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) (CVE-2026-34270)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n","modified":"2026-05-27T15:14:12.876148662Z","published":"2026-05-26T00:00:00Z","related":["CVE-2026-21998","CVE-2026-22001","CVE-2026-22002","CVE-2026-22004","CVE-2026-22005","CVE-2026-22009","CVE-2026-22015","CVE-2026-22017","CVE-2026-34270","CVE-2026-34271","CVE-2026-34276","CVE-2026-34303","CVE-2026-34304","CVE-2026-34308","CVE-2026-35236","CVE-2026-35237","CVE-2026-35238","CVE-2026-35239","CVE-2026-35240"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:20693"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-21998"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-22001"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-22002"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-22004"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-22005"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-22009"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-22015"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-22017"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-34270"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-34271"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-34276"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-34303"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-34304"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-34308"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-35236"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-35237"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-35238"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-35239"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-35240"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460274"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460275"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460276"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460279"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460295"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460312"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460315"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460316"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460323"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460324"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460325"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460326"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460329"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460335"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460342"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460344"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460348"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460356"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2460358"},{"type":"ADVISORY","url":"https://errata.almalinux.org/10/ALSA-2026-20693.html"}],"affected":[{"package":{"name":"mysql8.4","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/mysql8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.9-1.el10_2.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20693.json"}},{"package":{"name":"mysql8.4-common","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/mysql8.4-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.9-1.el10_2.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20693.json"}},{"package":{"name":"mysql8.4-devel","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/mysql8.4-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.9-1.el10_2.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20693.json"}},{"package":{"name":"mysql8.4-errmsg","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/mysql8.4-errmsg"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.9-1.el10_2.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20693.json"}},{"package":{"name":"mysql8.4-libs","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/mysql8.4-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.9-1.el10_2.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20693.json"}},{"package":{"name":"mysql8.4-server","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/mysql8.4-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.9-1.el10_2.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20693.json"}},{"package":{"name":"mysql8.4-test","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/mysql8.4-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.9-1.el10_2.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20693.json"}},{"package":{"name":"mysql8.4-test-data","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/mysql8.4-test-data"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.4.9-1.el10_2.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20693.json"}}],"schema_version":"1.7.5"}