{"id":"RLSA-2026:20693","summary":"Moderate: mysql8.4 security update","details":"MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files.\n\nSecurity Fix(es):\n\n* mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-22004)\n\n* mysql: Information Schema unspecified vulnerability (CPU Apr 2026) (CVE-2026-22001)\n\n* mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) (CVE-2026-34271)\n\n* mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22009)\n\n* mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-35237)\n\n* mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-21998)\n\n* mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22005)\n\n* mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-35238)\n\n* mysql: DML unspecified vulnerability (CPU Apr 2026) (CVE-2026-35239)\n\n* mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22002)\n\n* mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-35236)\n\n* mysql: JSON unspecified vulnerability (CPU Apr 2026) (CVE-2026-34308)\n\n* mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-34303)\n\n* mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-35240)\n\n* mysql: Optimizer unspecified vulnerability (CPU Apr 2026) (CVE-2026-22017)\n\n* mysql: InnoDB unspecified vulnerability (CPU Apr 2026) (CVE-2026-34304)\n\n* mysql: Information Schema unspecified vulnerability (CPU Apr 2026) (CVE-2026-22015)\n\n* mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) (CVE-2026-34276)\n\n* mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026) (CVE-2026-34270)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-06-04T12:30:14.719665519Z","published":"2026-06-04T12:04:37.164871Z","upstream":["CVE-2026-21998","CVE-2026-22001","CVE-2026-22002","CVE-2026-22004","CVE-2026-22005","CVE-2026-22009","CVE-2026-22015","CVE-2026-22017","CVE-2026-34270","CVE-2026-34271","CVE-2026-34276","CVE-2026-34303","CVE-2026-34304","CVE-2026-34308","CVE-2026-35236","CVE-2026-35237","CVE-2026-35238","CVE-2026-35239","CVE-2026-35240"],"references":[{"type":"ADVISORY","url":"https://errata.rockylinux.org/RLSA-2026:20693"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460348"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460275"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460326"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460324"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460325"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460279"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460329"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460316"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460274"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460358"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460312"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460315"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460342"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460276"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460323"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460295"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460344"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460356"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460335"}],"affected":[{"package":{"name":"mysql8.4","ecosystem":"Rocky Linux:10","purl":"pkg:rpm/rocky-linux/mysql8.4?distro=rocky-linux-10&epoch=0"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.4.9-1.el10_2.rocky.0.1"}],"database_specific":{"yum_repository":"AppStream"}}],"database_specific":{"source":"https://storage.googleapis.com/resf-osv-data/RLSA-2026:20693.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"credits":[{"name":"Rocky Enterprise Software Foundation"},{"name":"Red Hat"}]}