security/vuxml: MySQL Server 2020Q2 vulnerabilities

svn path=/head/; revision=532677
2025-01-02 06:03:50 +00:00 · 2020-04-23 12:25:39 +00:00 · 2020-04-23 12:25:39 +00:00 · 7998a7390e · 2021-03-31 03:12:20 +00:00
commit 7998a7390e
parent 563885986e
1 changed files with 85 additions and 1 deletions
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@ -58,8 +58,92 @@ Notes:
  * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="21d59ea3-8559-11ea-a5e2-d4c9ef517024">
+    <topic>MySQL Server -- Multiple vulerabilities</topic>
+    <affects>
+      <package>
+	<name>mysql56-server</name>
+	<range><lt>5.6.48</lt></range>
+      </package>
+      <package>
+	<name>mysql57-server</name>
+	<range><lt>5.7.30</lt></range>
+      </package>
+      <package>
+	<name>mysql80-server</name>
+	<range><lt>8.0.20</lt></range>
+      </package>
+      <package>
+	<name>percona55-server</name>
+	<range><lt>5.5.68</lt></range>
+      </package>
+      <package>
+	<name>percona56-server</name>
+	<range><lt>5.6.48</lt></range>
+      </package>
+      <package>
+	<name>percona57-server</name>
+	<range><lt>5.7.30</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Oracle reports:</p>
+	<blockquote cite="https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL">
+	  <p>This Critical Patch Update contains 45 new security patches for
+	    Oracle MySQL. 9 of these vulnerabilities may be remotely exploitable
+	    without authentication, i.e., may be exploited over a network without
+	    requiring user credentials.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://www.oracle.com/security-alerts/cpujan2020.html</url>
+      <cvename>CVE-2019-5482</cvename>
+      <cvename>CVE-2019-15601</cvename>
+      <cvename>CVE-2020-2780</cvename>
+      <cvename>CVE-2020-2790</cvename>
+      <cvename>CVE-2020-2768</cvename>
+      <cvename>CVE-2020-2804</cvename>
+      <cvename>CVE-2020-2760</cvename>
+      <cvename>CVE-2020-2806</cvename>
+      <cvename>CVE-2020-2762</cvename>
+      <cvename>CVE-2020-2814</cvename>
+      <cvename>CVE-2020-2893</cvename>
+      <cvename>CVE-2020-2895</cvename>
+      <cvename>CVE-2020-2898</cvename>
+      <cvename>CVE-2020-2903</cvename>
+      <cvename>CVE-2020-2896</cvename>
+      <cvename>CVE-2020-2770</cvename>
+      <cvename>CVE-2020-2765</cvename>
+      <cvename>CVE-2020-2892</cvename>
+      <cvename>CVE-2020-2897</cvename>
+      <cvename>CVE-2020-2923</cvename>
+      <cvename>CVE-2020-2924</cvename>
+      <cvename>CVE-2020-2901</cvename>
+      <cvename>CVE-2020-2928</cvename>
+      <cvename>CVE-2020-2904</cvename>
+      <cvename>CVE-2020-2925</cvename>
+      <cvename>CVE-2020-2759</cvename>
+      <cvename>CVE-2020-2763</cvename>
+      <cvename>CVE-2020-2761</cvename>
+      <cvename>CVE-2020-2774</cvename>
+      <cvename>CVE-2020-2853</cvename>
+      <cvename>CVE-2020-2779</cvename>
+      <cvename>CVE-2020-2812</cvename>
+      <cvename>CVE-2019-1547</cvename>
+      <cvename>CVE-2020-2926</cvename>
+      <cvename>CVE-2020-2921</cvename>
+      <cvename>CVE-2020-2930</cvename>
+    </references>
+    <dates>
+      <discovery>2020-04-14</discovery>
+      <entry>2020-04-23</entry>
+    </dates>
+  </vuln>
+
  <vuln vid="622b5c47-855b-11ea-a5e2-d4c9ef517024">
-    <topic>MySQL -- Multiple vulerabilities</topic>
+    <topic>MySQL Client -- Multiple vulerabilities</topic>
    <affects>
      <package>
 	<name>mysql56-client</name>