Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.3676 Moderate: rh-mysql57-mysql security update 27 November 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: rh-mysql57-mysql Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux WS/Desktop 6 Red Hat Enterprise Linux Server 7 Red Hat Enterprise Linux WS/Desktop 7 Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Modify Arbitrary Files -- Existing Account Denial of Service -- Remote/Unauthenticated Delete Arbitrary Files -- Existing Account Read-only Data Access -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2018-3284 CVE-2018-3283 CVE-2018-3282 CVE-2018-3278 CVE-2018-3277 CVE-2018-3276 CVE-2018-3251 CVE-2018-3247 CVE-2018-3200 CVE-2018-3187 CVE-2018-3185 CVE-2018-3174 CVE-2018-3173 CVE-2018-3171 CVE-2018-3162 CVE-2018-3161 CVE-2018-3156 CVE-2018-3155 CVE-2018-3144 CVE-2018-3143 CVE-2018-3133 CVE-2018-3081 CVE-2018-3077 CVE-2018-3071 CVE-2018-3070 CVE-2018-3066 CVE-2018-3065 CVE-2018-3064 CVE-2018-3062 CVE-2018-3061 CVE-2018-3060 CVE-2018-3058 CVE-2018-3056 CVE-2018-3054 CVE-2018-2846 CVE-2018-2839 CVE-2018-2819 CVE-2018-2818 CVE-2018-2817 CVE-2018-2816 CVE-2018-2813 CVE-2018-2812 CVE-2018-2810 CVE-2018-2787 CVE-2018-2786 CVE-2018-2784 CVE-2018-2782 CVE-2018-2781 CVE-2018-2780 CVE-2018-2779 CVE-2018-2778 CVE-2018-2777 CVE-2018-2776 CVE-2018-2775 CVE-2018-2773 CVE-2018-2771 CVE-2018-2769 CVE-2018-2766 CVE-2018-2762 CVE-2018-2761 CVE-2018-2759 CVE-2018-2758 CVE-2018-2755 Reference: ASB-2018.0258 ESB-2018.3604 ESB-2018.3327 ESB-2018.2812 ESB-2018.1227 Original Bulletin: https://access.redhat.com/errata/RHSA-2018:3655 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: rh-mysql57-mysql security update Advisory ID: RHSA-2018:3655-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2018:3655 Issue date: 2018-11-26 CVE Names: CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762 CVE-2018-2766 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775 CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779 CVE-2018-2780 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2786 CVE-2018-2787 CVE-2018-2810 CVE-2018-2812 CVE-2018-2813 CVE-2018-2816 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 CVE-2018-2839 CVE-2018-2846 CVE-2018-3054 CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061 CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070 CVE-2018-3071 CVE-2018-3077 CVE-2018-3081 CVE-2018-3133 CVE-2018-3143 CVE-2018-3144 CVE-2018-3155 CVE-2018-3156 CVE-2018-3161 CVE-2018-3162 CVE-2018-3171 CVE-2018-3173 CVE-2018-3174 CVE-2018-3185 CVE-2018-3187 CVE-2018-3200 CVE-2018-3247 CVE-2018-3251 CVE-2018-3276 CVE-2018-3277 CVE-2018-3278 CVE-2018-3282 CVE-2018-3283 CVE-2018-3284 ===================================================================== 1. Summary: An update for rh-mysql57-mysql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql57-mysql (5.7.24). (BZ#1642523, BZ#1643049, BZ#1643060) Security Fix(es): * mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755) * mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CPU Apr 2018) (CVE-2018-2758, CVE-2018-2818) * mysql: InnoDB multiple unspecified vulnerabilities (CPU Apr 2018) (CVE-2018-2759, CVE-2018-2766, CVE-2018-2777, CVE-2018-2782, CVE-2018-2784, CVE-2018-2786, CVE-2018-2787, CVE-2018-2810, CVE-2018-2819) * mysql: Client programs unspecified vulnerability (CPU Apr 2018) (CVE-2018-2761) * mysql: Server: Connection unspecified vulnerability (CPU Apr 2018) (CVE-2018-2762) * mysql: Server: Pluggable Auth unspecified vulnerability (CPU Apr 2018) (CVE-2018-2769) * mysql: Server: Locking unspecified vulnerability (CPU Apr 2018) (CVE-2018-2771) * mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Apr 2018) (CVE-2018-2775, CVE-2018-2778, CVE-2018-2779, CVE-2018-2780, CVE-2018-2781, CVE-2018-2812, CVE-2018-2816) * mysql: Group Replication GCS unspecified vulnerability (CPU Apr 2018) (CVE-2018-2776) * mysql: Server: DDL multiple unspecified vulnerabilities (CPU Apr 2018) (CVE-2018-2813, CVE-2018-2817) * mysql: Server: DML unspecified vulnerability (CPU Apr 2018) (CVE-2018-2839) * mysql: Server: Performance Schema unspecified vulnerability (CPU Apr 2018) (CVE-2018-2846) * mysql: Server: DDL multiple unspecified vulnerabilities (CPU Jul 2018) (CVE-2018-3054, CVE-2018-3077) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2018) (CVE-2018-3056) * mysql: MyISAM unspecified vulnerability (CPU Jul 2018) (CVE-2018-3058) * mysql: InnoDB multiple unspecified vulnerabilities (CPU Jul 2018) (CVE-2018-3060, CVE-2018-3064) * mysql: Server: DML multiple unspecified vulnerabilities (CPU Jul 2018) (CVE-2018-3061, CVE-2018-3065) * mysql: Server: Memcached unspecified vulnerability (CPU Jul 2018) (CVE-2018-3062) * mysql: Client mysqldump unspecified vulnerability (CPU Jul 2018) (CVE-2018-3070) * mysql: Audit Log unspecified vulnerability (CPU Jul 2018) (CVE-2018-3071) * mysql: Client programs unspecified vulnerability (CPU Jul 2018) (CVE-2018-3081) * mysql: Server: Parser multiple unspecified vulnerabilities (CPU Oct 2018) (CVE-2018-3133, CVE-2018-3155) * mysql: InnoDB multiple unspecified vulnerabilities (CPU Oct 2018) (CVE-2018-3143, CVE-2018-3156, CVE-2018-3162, CVE-2018-3173, CVE-2018-3185, CVE-2018-3200, CVE-2018-3251, CVE-2018-3277, CVE-2018-3284) * mysql: Server: Security: Audit unspecified vulnerability (CPU Oct 2018) (CVE-2018-3144) * mysql: Server: Partition multiple unspecified vulnerabilities (CPU Oct 2018) (CVE-2018-3161, CVE-2018-3171) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2018) (CVE-2018-3187) * mysql: Server: Merge unspecified vulnerability (CPU Oct 2018) (CVE-2018-3247) * mysql: Server: Memcached unspecified vulnerability (CPU Oct 2018) (CVE-2018-3276) * mysql: Server: RBR unspecified vulnerability (CPU Oct 2018) (CVE-2018-3278) * mysql: Server: Storage Engines unspecified vulnerability (CPU Oct 2018) (CVE-2018-3282) * mysql: Server: Logging unspecified vulnerability (CPU Oct 2018) (CVE-2018-3283) * mysql: pid file can be created in a world-writeable directory (CPU Apr 2018) (CVE-2018-2773) * mysql: Server: Options unspecified vulnerability (CPU Jul 2018) (CVE-2018-3066) * mysql: Init script calling kill with root privileges using pid from pidfile owned by mysql user (CPU Oct 2018) (CVE-2018-3174) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1568921 - CVE-2018-2755 mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) 1568922 - CVE-2018-2758 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2018) 1568923 - CVE-2018-2759 mysql: InnoDB unspecified vulnerability (CPU Apr 2018) 1568924 - CVE-2018-2761 mysql: Client programs unspecified vulnerability (CPU Apr 2018) 1568925 - CVE-2018-2762 mysql: Server: Connection unspecified vulnerability (CPU Apr 2018) 1568926 - CVE-2018-2766 mysql: InnoDB unspecified vulnerability (CPU Apr 2018) 1568927 - CVE-2018-2769 mysql: Server: Pluggable Auth unspecified vulnerability (CPU Apr 2018) 1568931 - CVE-2018-2771 mysql: Server: Locking unspecified vulnerability (CPU Apr 2018) 1568932 - CVE-2018-2773 mysql: pid file can be created in a world-writeable directory (CPU Apr 2018) 1568934 - CVE-2018-2775 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) 1568936 - CVE-2018-2776 mysql: Group Replication GCS unspecified vulnerability (CPU Apr 2018) 1568937 - CVE-2018-2777 mysql: InnoDB unspecified vulnerability (CPU Apr 2018) 1568938 - CVE-2018-2778 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) 1568940 - CVE-2018-2779 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) 1568941 - CVE-2018-2780 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) 1568942 - CVE-2018-2781 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) 1568943 - CVE-2018-2782 mysql: InnoDB unspecified vulnerability (CPU Apr 2018) 1568944 - CVE-2018-2784 mysql: InnoDB unspecified vulnerability (CPU Apr 2018) 1568945 - CVE-2018-2786 mysql: InnoDB unspecified vulnerability (CPU Apr 2018) 1568946 - CVE-2018-2787 mysql: InnoDB unspecified vulnerability (CPU Apr 2018) 1568949 - CVE-2018-2810 mysql: InnoDB unspecified vulnerability (CPU Apr 2018) 1568950 - CVE-2018-2812 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) 1568951 - CVE-2018-2813 mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) 1568953 - CVE-2018-2816 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) 1568954 - CVE-2018-2817 mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) 1568955 - CVE-2018-2818 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2018) 1568956 - CVE-2018-2819 mysql: InnoDB unspecified vulnerability (CPU Apr 2018) 1568957 - CVE-2018-2839 mysql: Server: DML unspecified vulnerability (CPU Apr 2018) 1568958 - CVE-2018-2846 mysql: Server: Performance Schema unspecified vulnerability (CPU Apr 2018) 1602354 - CVE-2018-3054 mysql: Server: DDL unspecified vulnerability (CPU Jul 2018) 1602355 - CVE-2018-3056 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2018) 1602356 - CVE-2018-3058 mysql: MyISAM unspecified vulnerability (CPU Jul 2018) 1602357 - CVE-2018-3060 mysql: InnoDB unspecified vulnerability (CPU Jul 2018) 1602359 - CVE-2018-3061 mysql: Server: DML unspecified vulnerability (CPU Jul 2018) 1602360 - CVE-2018-3062 mysql: Server: Memcached unspecified vulnerability (CPU Jul 2018) 1602364 - CVE-2018-3064 mysql: InnoDB unspecified vulnerability (CPU Jul 2018) 1602365 - CVE-2018-3065 mysql: Server: DML unspecified vulnerability (CPU Jul 2018) 1602366 - CVE-2018-3066 mysql: Server: Options unspecified vulnerability (CPU Jul 2018) 1602369 - CVE-2018-3070 mysql: Client mysqldump unspecified vulnerability (CPU Jul 2018) 1602370 - CVE-2018-3071 mysql: Audit Log unspecified vulnerability (CPU Jul 2018) 1602375 - CVE-2018-3077 mysql: Server: DDL unspecified vulnerability (CPU Jul 2018) 1602424 - CVE-2018-3081 mysql: Client programs unspecified vulnerability (CPU Jul 2018) 1640307 - CVE-2018-3276 mysql: Server: Memcached unspecified vulnerability (CPU Oct 2018) 1640308 - CVE-2018-3200 mysql: InnoDB unspecified vulnerability (CPU Oct 2018) 1640310 - CVE-2018-3284 mysql: InnoDB unspecified vulnerability (CPU Oct 2018) 1640312 - CVE-2018-3173 mysql: InnoDB unspecified vulnerability (CPU Oct 2018) 1640316 - CVE-2018-3162 mysql: InnoDB unspecified vulnerability (CPU Oct 2018) 1640317 - CVE-2018-3247 mysql: Server: Merge unspecified vulnerability (CPU Oct 2018) 1640318 - CVE-2018-3156 mysql: InnoDB unspecified vulnerability (CPU Oct 2018) 1640319 - CVE-2018-3161 mysql: Server: Partition unspecified vulnerability (CPU Oct 2018) 1640320 - CVE-2018-3278 mysql: Server: RBR unspecified vulnerability (CPU Oct 2018) 1640321 - CVE-2018-3174 mysql: Init script calling kill with root privileges using pid from pidfile owned by mysql user (CPU Oct 2018) 1640322 - CVE-2018-3282 mysql: Server: Storage Engines unspecified vulnerability (CPU Oct 2018) 1640324 - CVE-2018-3187 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2018) 1640325 - CVE-2018-3277 mysql: InnoDB unspecified vulnerability (CPU Oct 2018) 1640326 - CVE-2018-3144 mysql: Server: Security: Audit unspecified vulnerability (CPU Oct 2018) 1640331 - CVE-2018-3133 mysql: Server: Parser unspecified vulnerability (CPU Oct 2018) 1640332 - CVE-2018-3143 mysql: InnoDB unspecified vulnerability (CPU Oct 2018) 1640333 - CVE-2018-3283 mysql: Server: Logging unspecified vulnerability (CPU Oct 2018) 1640334 - CVE-2018-3171 mysql: Server: Partition unspecified vulnerability (CPU Oct 2018) 1640335 - CVE-2018-3251 mysql: InnoDB unspecified vulnerability (CPU Oct 2018) 1640337 - CVE-2018-3185 mysql: InnoDB unspecified vulnerability (CPU Oct 2018) 1640340 - CVE-2018-3155 mysql: Server: Parser unspecified vulnerability (CPU Oct 2018) 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-mysql57-mysql-5.7.24-2.el6.src.rpm x86_64: rh-mysql57-mysql-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-common-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-config-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-debuginfo-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-devel-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-errmsg-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-server-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-test-5.7.24-2.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7): Source: rh-mysql57-mysql-5.7.24-2.el6.src.rpm x86_64: rh-mysql57-mysql-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-common-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-config-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-debuginfo-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-devel-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-errmsg-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-server-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-test-5.7.24-2.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-mysql57-mysql-5.7.24-2.el6.src.rpm x86_64: rh-mysql57-mysql-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-common-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-config-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-debuginfo-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-devel-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-errmsg-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-server-5.7.24-2.el6.x86_64.rpm rh-mysql57-mysql-test-5.7.24-2.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-mysql57-mysql-5.7.24-1.el7.src.rpm aarch64: rh-mysql57-mysql-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-common-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-config-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-server-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-test-5.7.24-1.el7.aarch64.rpm ppc64le: rh-mysql57-mysql-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-common-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-config-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-server-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-test-5.7.24-1.el7.ppc64le.rpm s390x: rh-mysql57-mysql-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-common-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-config-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-server-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-test-5.7.24-1.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-mysql57-mysql-5.7.24-1.el7.src.rpm aarch64: rh-mysql57-mysql-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-common-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-config-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-server-5.7.24-1.el7.aarch64.rpm rh-mysql57-mysql-test-5.7.24-1.el7.aarch64.rpm ppc64le: rh-mysql57-mysql-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-common-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-config-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-server-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-test-5.7.24-1.el7.ppc64le.rpm s390x: rh-mysql57-mysql-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-common-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-config-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-server-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-test-5.7.24-1.el7.s390x.rpm x86_64: rh-mysql57-mysql-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-common-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-config-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-server-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-test-5.7.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3): Source: rh-mysql57-mysql-5.7.24-1.el7.src.rpm ppc64le: rh-mysql57-mysql-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-common-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-config-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-server-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-test-5.7.24-1.el7.ppc64le.rpm s390x: rh-mysql57-mysql-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-common-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-config-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-server-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-test-5.7.24-1.el7.s390x.rpm x86_64: rh-mysql57-mysql-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-common-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-config-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-server-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-test-5.7.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4): Source: rh-mysql57-mysql-5.7.24-1.el7.src.rpm ppc64le: rh-mysql57-mysql-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-common-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-config-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-server-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-test-5.7.24-1.el7.ppc64le.rpm s390x: rh-mysql57-mysql-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-common-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-config-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-server-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-test-5.7.24-1.el7.s390x.rpm x86_64: rh-mysql57-mysql-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-common-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-config-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-server-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-test-5.7.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-mysql57-mysql-5.7.24-1.el7.src.rpm ppc64le: rh-mysql57-mysql-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-common-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-config-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-server-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-test-5.7.24-1.el7.ppc64le.rpm s390x: rh-mysql57-mysql-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-common-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-config-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-server-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-test-5.7.24-1.el7.s390x.rpm x86_64: rh-mysql57-mysql-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-common-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-config-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-server-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-test-5.7.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-mysql57-mysql-5.7.24-1.el7.src.rpm ppc64le: rh-mysql57-mysql-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-common-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-config-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-server-5.7.24-1.el7.ppc64le.rpm rh-mysql57-mysql-test-5.7.24-1.el7.ppc64le.rpm s390x: rh-mysql57-mysql-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-common-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-config-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-server-5.7.24-1.el7.s390x.rpm rh-mysql57-mysql-test-5.7.24-1.el7.s390x.rpm x86_64: rh-mysql57-mysql-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-common-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-config-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-server-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-test-5.7.24-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-mysql57-mysql-5.7.24-1.el7.src.rpm x86_64: rh-mysql57-mysql-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-common-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-config-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-debuginfo-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-devel-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-errmsg-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-server-5.7.24-1.el7.x86_64.rpm rh-mysql57-mysql-test-5.7.24-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-2755 https://access.redhat.com/security/cve/CVE-2018-2758 https://access.redhat.com/security/cve/CVE-2018-2759 https://access.redhat.com/security/cve/CVE-2018-2761 https://access.redhat.com/security/cve/CVE-2018-2762 https://access.redhat.com/security/cve/CVE-2018-2766 https://access.redhat.com/security/cve/CVE-2018-2769 https://access.redhat.com/security/cve/CVE-2018-2771 https://access.redhat.com/security/cve/CVE-2018-2773 https://access.redhat.com/security/cve/CVE-2018-2775 https://access.redhat.com/security/cve/CVE-2018-2776 https://access.redhat.com/security/cve/CVE-2018-2777 https://access.redhat.com/security/cve/CVE-2018-2778 https://access.redhat.com/security/cve/CVE-2018-2779 https://access.redhat.com/security/cve/CVE-2018-2780 https://access.redhat.com/security/cve/CVE-2018-2781 https://access.redhat.com/security/cve/CVE-2018-2782 https://access.redhat.com/security/cve/CVE-2018-2784 https://access.redhat.com/security/cve/CVE-2018-2786 https://access.redhat.com/security/cve/CVE-2018-2787 https://access.redhat.com/security/cve/CVE-2018-2810 https://access.redhat.com/security/cve/CVE-2018-2812 https://access.redhat.com/security/cve/CVE-2018-2813 https://access.redhat.com/security/cve/CVE-2018-2816 https://access.redhat.com/security/cve/CVE-2018-2817 https://access.redhat.com/security/cve/CVE-2018-2818 https://access.redhat.com/security/cve/CVE-2018-2819 https://access.redhat.com/security/cve/CVE-2018-2839 https://access.redhat.com/security/cve/CVE-2018-2846 https://access.redhat.com/security/cve/CVE-2018-3054 https://access.redhat.com/security/cve/CVE-2018-3056 https://access.redhat.com/security/cve/CVE-2018-3058 https://access.redhat.com/security/cve/CVE-2018-3060 https://access.redhat.com/security/cve/CVE-2018-3061 https://access.redhat.com/security/cve/CVE-2018-3062 https://access.redhat.com/security/cve/CVE-2018-3064 https://access.redhat.com/security/cve/CVE-2018-3065 https://access.redhat.com/security/cve/CVE-2018-3066 https://access.redhat.com/security/cve/CVE-2018-3070 https://access.redhat.com/security/cve/CVE-2018-3071 https://access.redhat.com/security/cve/CVE-2018-3077 https://access.redhat.com/security/cve/CVE-2018-3081 https://access.redhat.com/security/cve/CVE-2018-3133 https://access.redhat.com/security/cve/CVE-2018-3143 https://access.redhat.com/security/cve/CVE-2018-3144 https://access.redhat.com/security/cve/CVE-2018-3155 https://access.redhat.com/security/cve/CVE-2018-3156 https://access.redhat.com/security/cve/CVE-2018-3161 https://access.redhat.com/security/cve/CVE-2018-3162 https://access.redhat.com/security/cve/CVE-2018-3171 https://access.redhat.com/security/cve/CVE-2018-3173 https://access.redhat.com/security/cve/CVE-2018-3174 https://access.redhat.com/security/cve/CVE-2018-3185 https://access.redhat.com/security/cve/CVE-2018-3187 https://access.redhat.com/security/cve/CVE-2018-3200 https://access.redhat.com/security/cve/CVE-2018-3247 https://access.redhat.com/security/cve/CVE-2018-3251 https://access.redhat.com/security/cve/CVE-2018-3276 https://access.redhat.com/security/cve/CVE-2018-3277 https://access.redhat.com/security/cve/CVE-2018-3278 https://access.redhat.com/security/cve/CVE-2018-3282 https://access.redhat.com/security/cve/CVE-2018-3283 https://access.redhat.com/security/cve/CVE-2018-3284 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW/vnxNzjgjWX9erEAQh0Qg/8C8GdKebM8cf+hxo+q2/UD6487k30zWqK s1XAnqUdaEa1tlQ7gg4M67bquHyOrBvAN58HfO30+XHks6osTJn1GjghRsBcrxR8 4tnXwk3EX1qT1eBZW/dYgg2ZgyJrBVTlIWNs/WHJAbM6eb9nTcUiaAMvVn7TgIN7 OD6F3laYtAg8lJsXHoBILwuAXojkjELerumoW7jWeLtZU5aQFn9pFqsOfWQ1xMG1 IuGom5P/aBZg6Bls3gKTpR/iNtqYD3+dQyq3+x1Px2hrXiYIP10MZ2mlZwnFGnHc JZKA02dBT0DvDt1oPSDVCtiKZHAefvTMJFPnlUaYvf0xDu4ZKK2XSgvLs87AIIbk nsbXnHDv+1H3LWKpkkovxgjpPTZDvkVmoWvPuTYXVHwViPWhFEA+UwyCKfrvbrzX vLlT8+IwDwIr5EgR8jAscOpvyIc7PEsgbK0zZa1CqsjkkPncY8AOyloFuUhGwW+O EYzJGzcX2h4DcQHco3qNwCzgGTbaQYzZGfhfViLttxR9QPdAPn7D0bJRXMURaB2M vVgSM5sYFO3rnMxRIJhmOWA8mxym3+PBW1oB0fXJPWizPix8xaMoPheDq1h3Z5xn tkuDgjof1Fm/WqCfsBp1U54rbSthPuZt1qxCogBH8zamjXaS8ueEJBWlwKpyYLwq eE7rE8XztHo= =MbCN - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW/y3/WaOgq3Tt24GAQhXaRAAx6A9jPo0/W0qdLe5j+TPvg+f10pdMxuI DjOP1unUvLbefbnGJSAF2uIr4SPd6SxO/qHr6DKAgSjQkYxEVeOmc9UxCs0Xt1WZ gDW6aD6DXKQ3XagsP6Bn5+r+hwRrHxrRyW2aI19n+4zktBWJZ4Yliq7zoG0+5E4q Rv8nmxCjLpM1GOgBccymgpgKG8kHctpVRuMmNRu4v0pKqm9V4Ol5tjLQuKwg1uTN xH/gBKs0fcOLzl93p5EdFwG8Rw6aeecYfmAjDN7ix/BlQaeuqqPjuTBZiNBGn0mi Xm/4ea1lY91lN8keLsf9CsYofaaUyxdsU8IsLJutmdM9v2RecC7fWEFYhtYcqCqf yqxyyq79ZQaaoDJEin/YflBSSaK/60xhrLXCJnVJekv5muJTH+Fb/J2PG+2YJ/v+ mN2CYwqNGAk+J57zy9OaDWtNR6iATpJtM1n2lVCiD6xWuCTyyh4MRYTCV/I/pR26 5dDp2+B/HNQuazBZi9PiOzeoy4/h5mHFm9CsBlmrntAEAJTFMCJtrEiIQD2hiAvm MV9ifJU5Lt2/N3k1doB5CRrlDTu3TGWBrdV3KMGjd1rzBlU9D0urR2y8RKngLJt4 0oj059cDncIgNAxwS7y22PEENDFf0maKgyFrFc7zqN41BRTm8plnBESiZgwaJw+T aMR6SjbiOYw= =q9Jw -----END PGP SIGNATURE-----