Your message dated Tue, 24 May 2022 09:21:14 -0700
with message-id
<CAJH7gV5m8nHi7zhSh1BVabMC1=sew3h3zdozv3yjnb2kuyu...@mail.gmail.com>
and subject line Bug #992239 - Fixed upstream CVEs
has caused the Debian Bug report #992239,
regarding Security fixes from the July 2021 CPU
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
992239: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992239
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mysql-8.0
Version: 8.0.23
Severity: grave
Tags: security upstream fixed-upstream
The Oracle Critical Patch Update for July 2021 lists CVEs affecting
MySQL 8.0
that are fixed in 8.0.26
CVE list:
- CVE-2019-17543 CVE-2021-2339 CVE-2021-2340 CVE-2021-2342
- CVE-2021-2352 CVE-2021-2354 CVE-2021-2356 CVE-2021-2357
- CVE-2021-2367 CVE-2021-2370 CVE-2021-2372 CVE-2021-2374
- CVE-2021-2383 CVE-2021-2384 CVE-2021-2385 CVE-2021-2387
- CVE-2021-2389 CVE-2021-2390 CVE-2021-2399 CVE-2021-2402
- CVE-2021-2410 CVE-2021-2412 CVE-2021-2417 CVE-2021-2418
- CVE-2021-2422 CVE-2021-2424 CVE-2021-2425 CVE-2021-2426
- CVE-2021-2427 CVE-2021-2429 CVE-2021-2437 CVE-2021-2440
- CVE-2021-2441 CVE-2021-2444 CVE-2021-22901
Ref: https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL
Regards,
Lars Tangvald
--- End Message ---
--- Begin Message ---
The CVEs fixed upstream in 8.0.26 have been fixed in Debian with the
version bump from 8.0.23 to 8.0.29.
Thanks,
Lena Voytek
--- End Message ---
