ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

MySQL Vulnerability patch requests for DX NetOps Performance Management

book

Article ID: 225067

calendar_today

Updated On:

Products

CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

We have requirements to patch the following MyQSL vulnerabilities. Can you please confirm if any of these patches (and/or resolution of these QIDs) would break the normal operation of MySQL or PM in general?

QID 20221: Refer to vendor advisory Oracle MySQL April 2021
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Oracle MySQL April 2021 Critical Patch Update (CPUAPR2021)
QID 20203: Refer to vendor advisory Oracle MySQL April 2021
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Oracle MySQL April 2021 Critical Patch Update (CPUAPR2021) Oracle MySQL January 2021
Patch:
Following are links for downloading patches to fix the vulnerabilities:
MySQL CPJAN2021
QID 20225: Refer to vendor advisory Oracle MySQL April 2021
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Oracle MySQL April 2021 Critical Patch Update (CPUAPR2021) Oracle MySQL January 2021
Patch:
Following are links for downloading patches to fix the vulnerabilities:
MySQL CPJAN2021 Oracle MySQL April 2021
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Oracle MySQL April 2021 Critical Patch Update (CPUJUL2021)

Environment

All supported DX NetOps Performance Management releases r21.2.7 and earlier (subject to change)

Resolution

Patching of MySql used by the DX NetOps Performance Management systems outside of a product upgrade is not supported.

Four of the issues reported are fixed in CPUAPR2021. One is fixed in CPUJUL2021.

More information about each is available at these URLs.

  • https://www.oracle.com/security-alerts/cpuapr2021.html]

The highest affected versions are MySql Cluster 8.0.23 and MySql Server 5.7.33

  • https://www.oracle.com/security-alerts/cpujul2021.html

The highest affected versions are MySql Cluster 8.0.25 and MySql Server 5.7.34

21.2.1, through 21.2.7 release, we're using MySql Server version 5.7.32.

Additional Information

In DX Netops Performance Management 21.2.8 MySQL was upgraded to MySQL 8.0.27 

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/performance-management/21-2/release-notes/features-and-enhancements_pm2128.html#concept.dita_66ec702d-6f1f-416b-9848-63fb3650600d_MySql8Support