{"id":"RLSA-2023:3087","summary":"Important: mysql:8.0 security, bug fix, and enhancement update","details":"MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.\n\nThe following packages have been upgraded to a later upstream version: mysql (8.0.32). (BZ#2177734, BZ#2177735, BZ#2177736)\n\nSecurity Fix(es):\n\n* mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2023) (CVE-2023-21912)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21594)\n\n* mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022) (CVE-2022-21599)\n\n* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21604)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21608)\n\n* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21611)\n\n* mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022) (CVE-2022-21617)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21625)\n\n* mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2022) (CVE-2022-21632)\n\n* mysql: Server: Replication unspecified vulnerability (CPU Oct 2022) (CVE-2022-21633)\n\n* mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21637)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21640)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39400)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39408)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39410)\n\n* mysql: Server: DML unspecified vulnerability (CPU Jan 2023) (CVE-2023-21836)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21863)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21864)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21865)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21867)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21868)\n\n* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21869)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21870)\n\n* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21871)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21873)\n\n* mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023) (CVE-2023-21875)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21876)\n\n* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21877)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21878)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21879)\n\n* mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21880)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21881)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21883)\n\n* mysql: Server: GIS unspecified vulnerability (CPU Jan 2023) (CVE-2023-21887)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21917)\n\n* mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023) (CVE-2023-21874)\n\n* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21882)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Rocky Linux8 AppStream and Devel channels missing mecab-devel rpm (BZ#2180411)","modified":"2026-06-28T00:30:04.732839620Z","published":"2026-06-28T00:01:03.878968Z","upstream":["CVE-2022-21594","CVE-2022-21599","CVE-2022-21604","CVE-2022-21608","CVE-2022-21611","CVE-2022-21617","CVE-2022-21625","CVE-2022-21632","CVE-2022-21633","CVE-2022-21637","CVE-2022-21640","CVE-2022-39400","CVE-2022-39408","CVE-2022-39410","CVE-2023-21836","CVE-2023-21863","CVE-2023-21864","CVE-2023-21865","CVE-2023-21867","CVE-2023-21868","CVE-2023-21869","CVE-2023-21870","CVE-2023-21871","CVE-2023-21873","CVE-2023-21874","CVE-2023-21875","CVE-2023-21876","CVE-2023-21877","CVE-2023-21878","CVE-2023-21879","CVE-2023-21880","CVE-2023-21881","CVE-2023-21882","CVE-2023-21883","CVE-2023-21887","CVE-2023-21912","CVE-2023-21913","CVE-2023-21917","CVE-2023-21963","CVE-2023-22015","CVE-2023-22026","CVE-2023-22028"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2023:3087"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142861"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142863"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142865"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142868"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142869"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142870"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142871"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142872"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142873"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142875"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142877"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142879"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142880"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142881"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162270"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162271"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162272"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162274"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162275"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162276"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162277"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162278"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162280"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162281"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162282"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162283"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162284"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162285"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162286"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162287"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162288"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162289"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162290"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162291"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188110"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188111"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188112"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188126"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245011"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245012"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245013"}],"affected":[{"package":{"name":"mecab","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mecab?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.996-2.module+el8.10.0+1676+9b4b6e24"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:3087.json"}},{"package":{"name":"mecab","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mecab?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.996-2.module+el8.10.0+2091+db4d14f6"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:3087.json"}},{"package":{"name":"mecab","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mecab?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.996-2.module+el8.10.0+1937+28fbbc83"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:3087.json"}},{"package":{"name":"mecab-ipadic","ecosystem":"Rocky Linux:8","purl":"pkg:rpm/rocky-linux/mecab-ipadic?distro=rocky-linux-8&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.7.0.20070801-16.module+el8.10.0+1676+9b4b6e24"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2023:3087.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}