GLSA 202105-27: MySQL: Multiple vulnerabilities
Severity: | normal |
Title: | MySQL: Multiple vulnerabilities |
Date: | 05/26/2021 |
Bugs: |
|
ID: | 202105-27 |
Synopsis
Multiple vulnerabilities have been found in MySQL, the worst of which could result in the arbitrary execution of code.Background
MySQL is a popular multi-threaded, multi-user SQL server.
Affected packages
Package | Vulnerable | Unaffected | Architecture(s) |
---|---|---|---|
dev-db/mysql-connector-c | < 8.0.24 | >= 8.0.24 | All supported architectures |
dev-db/mysql | < 8.0.24 | >= 5.7.34 | All supported architectures |
Description
Multiple vulnerabilities have been discovered in MySQL. Please review the CVE identifiers referenced below for details.
Impact
An attacker could possibly execute arbitrary code with the privileges of the process, escalate privileges, gain access to critical data or complete access to all MySQL server accessible data, or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All MySQL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/mysql-5.7.34"
All mysql users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mysql-8.0.24"
References
CVE-2021-2180 CVE-2021-2166 CVE-2021-2154 CVE-2021-2122 CVE-2021-2088 CVE-2021-2087 CVE-2021-2081 CVE-2021-2076 CVE-2021-2072 CVE-2021-2070 CVE-2021-2065 CVE-2021-2061 CVE-2021-2060 CVE-2021-2058 CVE-2021-2056 CVE-2021-2055 CVE-2021-2048 CVE-2021-2046 CVE-2021-2042 CVE-2021-2038 CVE-2021-2036 CVE-2021-2032 CVE-2021-2031 CVE-2021-2030 CVE-2021-2028 CVE-2021-2024 CVE-2021-2022 CVE-2021-2021 CVE-2021-2020 CVE-2021-2019 CVE-2021-2016 CVE-2021-2014 CVE-2021-2012 CVE-2021-2011 CVE-2021-2010 CVE-2021-2009 CVE-2021-2007 CVE-2021-2006 CVE-2021-2002 CVE-2021-2001 CVE-2021-1998 CVE-2020-2934 CVE-2020-2933 CVE-2020-2930 CVE-2020-2928 CVE-2020-2926 CVE-2020-2925 CVE-2020-2924 CVE-2020-2923 CVE-2020-2922 CVE-2020-2921 CVE-2020-2904 CVE-2020-2903 CVE-2020-2901 CVE-2020-2898 CVE-2020-2897 CVE-2020-2896 CVE-2020-2895 CVE-2020-2893 CVE-2020-2892 CVE-2020-2875 CVE-2020-2853 CVE-2020-2814 CVE-2020-2812 CVE-2020-2806 CVE-2020-2804 CVE-2020-2790 CVE-2020-2780 CVE-2020-2779 CVE-2020-2774 CVE-2020-2770 CVE-2020-2768 CVE-2020-2765 CVE-2020-2763 CVE-2020-2762 CVE-2020-2761 CVE-2020-2760 CVE-2020-2759 CVE-2020-2752 CVE-2020-2694 CVE-2020-2686 CVE-2020-2679 CVE-2020-2660 CVE-2020-2627 CVE-2020-2589 CVE-2020-2588 CVE-2020-2584 CVE-2020-2580 CVE-2020-2579 CVE-2020-2577 CVE-2020-2574 CVE-2020-2573 CVE-2020-2572 CVE-2020-2570 CVE-2020-14893 CVE-2020-14891 CVE-2020-14888 CVE-2020-14878 CVE-2020-14873 CVE-2020-14870 CVE-2020-14869 CVE-2020-14868 CVE-2020-14867 CVE-2020-14866 CVE-2020-14861 CVE-2020-14860 CVE-2020-14853 CVE-2020-14852 CVE-2020-14848 CVE-2020-14846 CVE-2020-14845 CVE-2020-14844 CVE-2020-14839 CVE-2020-14838 CVE-2020-14837 CVE-2020-14836 CVE-2020-14830 CVE-2020-14829 CVE-2020-14828 CVE-2020-14827 CVE-2020-14821 CVE-2020-14814 CVE-2020-14812 CVE-2020-14809 CVE-2020-14804 CVE-2020-14800 CVE-2020-14799 CVE-2020-14794 CVE-2020-14793 CVE-2020-14791 CVE-2020-14790 CVE-2020-14789 CVE-2020-14786 CVE-2020-14785 CVE-2020-14777 CVE-2020-14776 CVE-2020-14775 CVE-2020-14773 CVE-2020-14771 CVE-2020-14769 CVE-2020-14765 CVE-2020-14760 CVE-2020-14725 CVE-2020-14702 CVE-2020-14697 CVE-2020-14680 CVE-2020-14678 CVE-2020-14672 CVE-2020-14663 CVE-2020-14656 CVE-2020-14654 CVE-2020-14651 CVE-2020-14643 CVE-2020-14641 CVE-2020-14634 CVE-2020-14633 CVE-2020-14632 CVE-2020-14631 CVE-2020-14626 CVE-2020-14624 CVE-2020-14623 CVE-2020-14620 CVE-2020-14619 CVE-2020-14614 CVE-2020-14597 CVE-2020-14591 CVE-2020-14586 CVE-2020-14576 CVE-2020-14575 CVE-2020-14568 CVE-2020-14567 CVE-2020-14564 CVE-2020-14559 CVE-2020-14553 CVE-2020-14550 CVE-2020-14547 CVE-2020-14540 CVE-2020-14539 CVE-2019-2974 CVE-2019-2938
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.