RHEL 8:mysql:8.0 (RHSA-2019:2511)

medium Nessus Plugin ID 127991
新推出!Plugin 嚴重性目前使用 CVSS v3

計算 Plugin 嚴重性已更新為預設使用 CVSS v3 沒有 CVSS v3 評分的 Plugin 會回歸到以 CVSS v2 計算嚴重性。您可在設定下拉式選單中切換顯示嚴重性的喜好設定

Synopsis

遠端 Red Hat 主機缺少一個或多個安全性更新。

描述

現已提供適用於 Red Hat Enterprise Linux 8 的 mysql:8.0 模組更新。Red Hat 產品安全性團隊已將此更新評等為具有重要安全性影響。可從〈參照〉一節的 CVE 連結中取得每個弱點之常見弱點評分系統 (CVSS) 的基本分數,其中包含有關嚴重性評等的詳細資訊。MySQL 是多使用者、多執行緒的 SQL 資料庫伺服器。它由 MySQL 伺服器程序 (mysqld) 與許多用戶端程式組成。下列套件已升級至更新的上游版本:mysql (8.0.17)。安全性修正:* mysql:Server:Replication 發生多個不明弱點 (CVE-2019-2800、CVE-2019-2436、CVE-2019-2531、CVE-2019-2534、CVE-2019-2614、CVE-2019-2617、CVE-2019-2630、CVE-2019-2634、CVE-2019-2635、CVE-2019-2755) * mysql:Server:Optimizer 發生多個不明弱點 (CVE-2019-2420、CVE-2019-2481、CVE-2019-2507、CVE-2019-2529、CVE-2019-2530、CVE-2019-2581、CVE-2019-2596、CVE-2019-2607、CVE-2019-2625、CVE-2019-2681、CVE-2019-2685、CVE-2019-2686、CVE-2019-2687、CVE-2019-2688、CVE-2019-2689、CVE-2019-2693、CVE-2019-2694、CVE-2019-2695、CVE-2019-2757、CVE-2019-2774、CVE-2019-2796、CVE-2019-2802、CVE-2019-2803、CVE-2019-2808、CVE-2019-2810、CVE-2019-2812、CVE-2019-2815、CVE-2019-2830、CVE-2019-2834) * mysql:Server:Parser 發生多個不明弱點 (CVE-2019-2434、CVE-2019-2455、CVE-2019-2805) * mysql:Server:PS 發生多個不明弱點 (CVE-2019-2482、CVE-2019-2592) * mysql:Server:Security:Privileges 發生多個不明弱點 (CVE-2019-2486、CVE-2019-2532、CVE-2019-2533、CVE-2019-2584、CVE-2019-2589、CVE-2019-2606、CVE-2019-2620、CVE-2019-2627、CVE-2019-2739、CVE-2019-2778、CVE-2019-2811、CVE-2019-2789) * mysql:Server:DDL 發生多個不明弱點 (CVE-2019-2494、CVE-2019-2495、CVE-2019-2537、CVE-2019-2626、CVE-2019-2644) * mysql:InnoDB 發生多個不明弱點 (CVE-2019-2502、CVE-2019-2510、CVE-2019-2580、CVE-2019-2585、CVE-2019-2593、CVE-2019-2624、CVE-2019-2628、CVE-2019-2758、CVE-2019-2785、CVE-2019-2798、CVE-2019-2879、CVE-2019-2814) * mysql:Server:Connection Handling 發生不明弱點 (CVE-2019-2503) * mysql:Server:Partition 發生多個不明弱點 (CVE-2019-2528、CVE-2019-2587) * mysql:Server:Options 發生多個不明弱點 (CVE-2019-2535、CVE-2019-2623、CVE-2019-2683、CVE-2019-2752) * mysql:Server:Packaging 發生不明弱點 (CVE-2019-2536) * mysql:Server:Connection 發生不明弱點 (CVE-2019-2539) * mysql:Server:Information Schema 發生不明弱點 (CVE-2019-2631) * mysql:Server:Group Replication Plugin 發生不明弱點 (CVE-2019-2636) * mysql:Server:Security:Roles 發生多個不明弱點 (CVE-2019-2691、CVE-2019-2826) * mysql:Server:Pluggable Auth 發生不明弱點 (CVE-2019-2737) * mysql:Server:XML 發生不明弱點 (CVE-2019-2740) * mysql:Server:Components / Services 發生不明弱點 (CVE-2019-2780) * mysql:Server:DML 發生不明弱點 (CVE-2019-2784) * mysql:Server:Charsets 發生不明弱點 (CVE-2019-2795) * mysql:Client programs 發生不明弱點 (CVE-2019-2797) * mysql:Server:FTS 發生不明弱點 (CVE-2019-2801) * mysql:Server:Security:Audit 發生不明弱點 (CVE-2019-2819) * mysql:Server:Compiling 發生不明弱點 (CVE-2019-2738) 如需安全性問題的詳細資料,包括影響、CVSS 分數、致謝及其他相關資訊,請參閱〈參照〉一節列出的 CVE 頁面。

解決方案

更新受影響的套件。

另請參閱

https://access.redhat.com/errata/RHSA-2019:2511

https://access.redhat.com/security/cve/cve-2019-2420

https://access.redhat.com/security/cve/cve-2019-2434

https://access.redhat.com/security/cve/cve-2019-2436

https://access.redhat.com/security/cve/cve-2019-2455

https://access.redhat.com/security/cve/cve-2019-2481

https://access.redhat.com/security/cve/cve-2019-2482

https://access.redhat.com/security/cve/cve-2019-2486

https://access.redhat.com/security/cve/cve-2019-2494

https://access.redhat.com/security/cve/cve-2019-2495

https://access.redhat.com/security/cve/cve-2019-2502

https://access.redhat.com/security/cve/cve-2019-2503

https://access.redhat.com/security/cve/cve-2019-2507

https://access.redhat.com/security/cve/cve-2019-2510

https://access.redhat.com/security/cve/cve-2019-2528

https://access.redhat.com/security/cve/cve-2019-2529

https://access.redhat.com/security/cve/cve-2019-2530

https://access.redhat.com/security/cve/cve-2019-2531

https://access.redhat.com/security/cve/cve-2019-2532

https://access.redhat.com/security/cve/cve-2019-2533

https://access.redhat.com/security/cve/cve-2019-2534

https://access.redhat.com/security/cve/cve-2019-2535

https://access.redhat.com/security/cve/cve-2019-2536

https://access.redhat.com/security/cve/cve-2019-2537

https://access.redhat.com/security/cve/cve-2019-2539

https://access.redhat.com/security/cve/cve-2019-2580

https://access.redhat.com/security/cve/cve-2019-2581

https://access.redhat.com/security/cve/cve-2019-2584

https://access.redhat.com/security/cve/cve-2019-2585

https://access.redhat.com/security/cve/cve-2019-2587

https://access.redhat.com/security/cve/cve-2019-2589

https://access.redhat.com/security/cve/cve-2019-2592

https://access.redhat.com/security/cve/cve-2019-2593

https://access.redhat.com/security/cve/cve-2019-2596

https://access.redhat.com/security/cve/cve-2019-2606

https://access.redhat.com/security/cve/cve-2019-2607

https://access.redhat.com/security/cve/cve-2019-2614

https://access.redhat.com/security/cve/cve-2019-2617

https://access.redhat.com/security/cve/cve-2019-2620

https://access.redhat.com/security/cve/cve-2019-2623

https://access.redhat.com/security/cve/cve-2019-2624

https://access.redhat.com/security/cve/cve-2019-2625

https://access.redhat.com/security/cve/cve-2019-2626

https://access.redhat.com/security/cve/cve-2019-2627

https://access.redhat.com/security/cve/cve-2019-2628

https://access.redhat.com/security/cve/cve-2019-2630

https://access.redhat.com/security/cve/cve-2019-2631

https://access.redhat.com/security/cve/cve-2019-2634

https://access.redhat.com/security/cve/cve-2019-2635

https://access.redhat.com/security/cve/cve-2019-2636

https://access.redhat.com/security/cve/cve-2019-2644

https://access.redhat.com/security/cve/cve-2019-2681

https://access.redhat.com/security/cve/cve-2019-2683

https://access.redhat.com/security/cve/cve-2019-2685

https://access.redhat.com/security/cve/cve-2019-2686

https://access.redhat.com/security/cve/cve-2019-2687

https://access.redhat.com/security/cve/cve-2019-2688

https://access.redhat.com/security/cve/cve-2019-2689

https://access.redhat.com/security/cve/cve-2019-2691

https://access.redhat.com/security/cve/cve-2019-2693

https://access.redhat.com/security/cve/cve-2019-2694

https://access.redhat.com/security/cve/cve-2019-2695

https://access.redhat.com/security/cve/cve-2019-2737

https://access.redhat.com/security/cve/cve-2019-2738

https://access.redhat.com/security/cve/cve-2019-2739

https://access.redhat.com/security/cve/cve-2019-2740

https://access.redhat.com/security/cve/cve-2019-2752

https://access.redhat.com/security/cve/cve-2019-2755

https://access.redhat.com/security/cve/cve-2019-2757

https://access.redhat.com/security/cve/cve-2019-2758

https://access.redhat.com/security/cve/cve-2019-2774

https://access.redhat.com/security/cve/cve-2019-2778

https://access.redhat.com/security/cve/cve-2019-2780

https://access.redhat.com/security/cve/cve-2019-2784

https://access.redhat.com/security/cve/cve-2019-2785

https://access.redhat.com/security/cve/cve-2019-2789

https://access.redhat.com/security/cve/cve-2019-2795

https://access.redhat.com/security/cve/cve-2019-2796

https://access.redhat.com/security/cve/cve-2019-2797

https://access.redhat.com/security/cve/cve-2019-2798

https://access.redhat.com/security/cve/cve-2019-2800

https://access.redhat.com/security/cve/cve-2019-2801

https://access.redhat.com/security/cve/cve-2019-2802

https://access.redhat.com/security/cve/cve-2019-2803

https://access.redhat.com/security/cve/cve-2019-2805

https://access.redhat.com/security/cve/cve-2019-2808

https://access.redhat.com/security/cve/cve-2019-2810

https://access.redhat.com/security/cve/cve-2019-2811

https://access.redhat.com/security/cve/cve-2019-2812

https://access.redhat.com/security/cve/cve-2019-2814

https://access.redhat.com/security/cve/cve-2019-2815

https://access.redhat.com/security/cve/cve-2019-2819

https://access.redhat.com/security/cve/cve-2019-2826

https://access.redhat.com/security/cve/cve-2019-2830

https://access.redhat.com/security/cve/cve-2019-2834

https://access.redhat.com/security/cve/cve-2019-2879

https://access.redhat.com/security/cve/cve-2019-2948

https://access.redhat.com/security/cve/cve-2019-2950

https://access.redhat.com/security/cve/cve-2019-2969

https://access.redhat.com/security/cve/cve-2019-3003

Plugin 詳細資訊

嚴重性: Medium

ID: 127991

檔案名稱: redhat-RHSA-2019-2511.nasl

版本: 1.9

類型: local

代理程式: unix

已發布: 2019/8/20

已更新: 2021/3/24

相依性: ssh_get_info.nasl

風險資訊

CVSS 評分資料來源: CVE-2019-2819

VPR

風險因素: Medium

分數: 5.2

CVSS v2

風險因素: Medium

基本分數: 5.5

時間分數: 4.1

媒介: AV:N/AC:L/Au:S/C:N/I:P/A:P

時間媒介: E:U/RL:OF/RC:C

CVSS v3

風險因素: Medium

基本分數: 5.5

時間分數: 4.8

媒介: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

時間媒介: E:U/RL:O/RC:C

弱點資訊

CPE: p-cpe:/a:redhat:enterprise_linux:mecab, p-cpe:/a:redhat:enterprise_linux:mecab-debugsource, p-cpe:/a:redhat:enterprise_linux:mecab-ipadic, p-cpe:/a:redhat:enterprise_linux:mecab-ipadic-EUCJP, p-cpe:/a:redhat:enterprise_linux:mysql, p-cpe:/a:redhat:enterprise_linux:mysql-common, p-cpe:/a:redhat:enterprise_linux:mysql-debugsource, p-cpe:/a:redhat:enterprise_linux:mysql-devel, p-cpe:/a:redhat:enterprise_linux:mysql-errmsg, p-cpe:/a:redhat:enterprise_linux:mysql-libs, p-cpe:/a:redhat:enterprise_linux:mysql-server, p-cpe:/a:redhat:enterprise_linux:mysql-test, cpe:/o:redhat:enterprise_linux:8, cpe:/o:redhat:enterprise_linux:8.0

必要的 KB 項目: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

可輕鬆利用: No known exploits are available

修補程式發佈日期: 2019/8/15

弱點發布日期: 2019/1/16

參考資訊

CVE: CVE-2019-2420, CVE-2019-2434, CVE-2019-2436, CVE-2019-2455, CVE-2019-2481, CVE-2019-2482, CVE-2019-2486, CVE-2019-2494, CVE-2019-2495, CVE-2019-2502, CVE-2019-2503, CVE-2019-2507, CVE-2019-2510, CVE-2019-2528, CVE-2019-2529, CVE-2019-2530, CVE-2019-2531, CVE-2019-2532, CVE-2019-2533, CVE-2019-2534, CVE-2019-2535, CVE-2019-2536, CVE-2019-2537, CVE-2019-2539, CVE-2019-2580, CVE-2019-2581, CVE-2019-2584, CVE-2019-2585, CVE-2019-2587, CVE-2019-2589, CVE-2019-2592, CVE-2019-2593, CVE-2019-2596, CVE-2019-2606, CVE-2019-2607, CVE-2019-2614, CVE-2019-2617, CVE-2019-2620, CVE-2019-2623, CVE-2019-2624, CVE-2019-2625, CVE-2019-2626, CVE-2019-2627, CVE-2019-2628, CVE-2019-2630, CVE-2019-2631, CVE-2019-2634, CVE-2019-2635, CVE-2019-2636, CVE-2019-2644, CVE-2019-2681, CVE-2019-2683, CVE-2019-2685, CVE-2019-2686, CVE-2019-2687, CVE-2019-2688, CVE-2019-2689, CVE-2019-2691, CVE-2019-2693, CVE-2019-2694, CVE-2019-2695, CVE-2019-2737, CVE-2019-2738, CVE-2019-2739, CVE-2019-2740, CVE-2019-2752, CVE-2019-2755, CVE-2019-2757, CVE-2019-2758, CVE-2019-2774, CVE-2019-2778, CVE-2019-2780, CVE-2019-2784, CVE-2019-2785, CVE-2019-2789, CVE-2019-2795, CVE-2019-2796, CVE-2019-2797, CVE-2019-2798, CVE-2019-2800, CVE-2019-2801, CVE-2019-2802, CVE-2019-2803, CVE-2019-2805, CVE-2019-2808, CVE-2019-2810, CVE-2019-2811, CVE-2019-2812, CVE-2019-2814, CVE-2019-2815, CVE-2019-2819, CVE-2019-2826, CVE-2019-2830, CVE-2019-2834, CVE-2019-2879, CVE-2019-2948, CVE-2019-2950, CVE-2019-2969, CVE-2019-3003

RHSA: 2019:2511