UbuntuUpdates.org

Package "mysql-server"

Name: mysql-server

Description:

MySQL database server (metapackage depending on the latest version)

Latest version: 8.0.40-0ubuntu0.22.04.1
Release: jammy (22.04)
Level: security
Repository: main
Head package: mysql-8.0
Homepage: http://dev.mysql.com/

Links


Download "mysql-server"


Other versions of "mysql-server" in Jammy

Repository Area Version
base main 8.0.28-0ubuntu4
updates main 8.0.40-0ubuntu0.22.04.1

Changelog

Version: 8.0.34-0ubuntu0.22.04.1 2023-08-15 15:07:00 UTC

  mysql-8.0 (8.0.34-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Update to 8.0.34 to fix security issues
    - CVE-2023-22005, CVE-2023-22008, CVE-2023-22033, CVE-2023-22038,
      CVE-2023-22046, CVE-2023-22048, CVE-2023-22053, CVE-2023-22054,
      CVE-2023-22056, CVE-2023-22057, CVE-2023-22058
    - d/p/fix_expired_date_in_test.patch: removed, no longer needed with
      new version.

 -- Marc Deslauriers <email address hidden> Fri, 21 Jul 2023 09:03:20 -0400

Source diff to previous version
CVE-2023-22005 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.33 and prio
CVE-2023-22008 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.33 and prior. Easily exp
CVE-2023-22033 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.33 and prior. Difficult
CVE-2023-22038 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.33
CVE-2023-22046 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior.
CVE-2023-22048 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 8.0.33 and p
CVE-2023-22053 Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.42 and prior an
CVE-2023-22054 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior.
CVE-2023-22056 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior.
CVE-2023-22057 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.33 and prio
CVE-2023-22058 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.33 and prior. Diffi

Version: 8.0.33-0ubuntu0.22.04.2 2023-05-15 16:21:25 UTC

  mysql-8.0 (8.0.33-0ubuntu0.22.04.2) jammy-security; urgency=medium

  * Fix crash on startup on armhf (LP: #2019203)
    - debian/patches/revert-be8348a7.patch: revert upstream commit.
  * Fix expired date in main.derived_condition_pushdown test
    - debian/patches/fix_expired_date_in_test.patch: update expired date.

 -- Marc Deslauriers <email address hidden> Thu, 11 May 2023 19:15:00 -0400

Source diff to previous version
2019203 mysql 8.0.33 binary crashes on startup on armhf

Version: 8.0.33-0ubuntu0.22.04.1 2023-05-08 13:07:15 UTC

  mysql-8.0 (8.0.33-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Update to 8.0.33 to fix security issues
    - CVE-2023-21911, CVE-2023-21919, CVE-2023-21920, CVE-2023-21929,
      CVE-2023-21933, CVE-2023-21935, CVE-2023-21940, CVE-2023-21945,
      CVE-2023-21946, CVE-2023-21947, CVE-2023-21953, CVE-2023-21955,
      CVE-2023-21962, CVE-2023-21966, CVE-2023-21972, CVE-2023-21976,
      CVE-2023-21977, CVE-2023-21980, CVE-2023-21982
    - debian/*.install: Added new files.
    - d/p/revert-router-to-8.0.31/*.patch: removed, no longer needed with
      new version.

 -- Marc Deslauriers <email address hidden> Fri, 21 Apr 2023 10:17:04 -0400

Source diff to previous version
CVE-2023-21911 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exp
CVE-2023-21919 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easil
CVE-2023-21920 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior.
CVE-2023-21929 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easil
CVE-2023-21933 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easil
CVE-2023-21935 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior.
CVE-2023-21940 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32
CVE-2023-21945 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior.
CVE-2023-21946 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior.
CVE-2023-21947 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32
CVE-2023-21953 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.32 and prior.
CVE-2023-21955 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 8.0.32 and prior.
CVE-2023-21962 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.32
CVE-2023-21966 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.32 and prior. Easi
CVE-2023-21972 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.32 and prior. Easil
CVE-2023-21976 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior.
CVE-2023-21977 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior.
CVE-2023-21980 Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.41 and prior an
CVE-2023-21982 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior.

Version: 8.0.32-0ubuntu0.22.04.2 2023-01-29 17:07:02 UTC

  mysql-8.0 (8.0.32-0ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY REGRESSION: Regression with PyMySQL (LP: #2003835)
    - d/p/revert-router-to-8.0.31/*.patch: Revert every patch that modified
      the router directory in version 8.0.32, except for the following:
      605df79542d, b806d2bbb2d, faabb6e7404, 1ae29236865, d03f34cd9fe.
    - debian/mysql-router-8.0.install: Removed destination_status files.

 -- Marc Deslauriers <email address hidden> Sat, 28 Jan 2023 09:44:32 -0500

Source diff to previous version

Version: 8.0.32-0buntu0.22.04.1 2023-01-24 21:07:25 UTC

  mysql-8.0 (8.0.32-0buntu0.22.04.1) jammy-security; urgency=medium

  [ Lars Tangvald ]
  * Imported upstream version 8.0.32 to fix security issues
    - https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL
    - CVE-2022-32221 CVE-2023-21836 CVE-2023-21868 CVE-2023-21869
    - CVE-2023-21871 CVE-2023-21875 CVE-2023-21877 CVE-2023-21863
    - CVE-2023-21867 CVE-2023-21870 CVE-2023-21873 CVE-2023-21876
    - CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 CVE-2023-21881
    - CVE-2023-21883 CVE-2023-21882 CVE-2023-21887
    Upstream release notes:
    - https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-32.html
  * Remove empty changelog file Docs/Changelog
  * debian/mysql-router-8.0.install: Added new files

  [ Marc Deslauriers ]
  * debian/patches/disable_timestamping_test.path: disable test that fails
    to build on certain archs because of the presence of sizeof in macros.

 -- Marc Deslauriers <email address hidden> Fri, 20 Jan 2023 06:54:21 -0500

CVE-2022-32221 POST following PUT confusion
CVE-2023-21836 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.31 and prior. Easil
CVE-2023-21868 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21869 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exp
CVE-2023-21871 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exp
CVE-2023-21875 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.31
CVE-2023-21877 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exp
CVE-2023-21863 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21867 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21870 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21873 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21876 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21878 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21879 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21880 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exp
CVE-2023-21881 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21883 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21882 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior.
CVE-2023-21887 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easil



About   -   Send Feedback to @ubuntu_updates