search cancel

Oracle MySQL October 2022 Critical Patch Update (CPUOCT2022)

book

Article ID: 253969

calendar_today

Updated On:

Products

DX NetOps CA Performance Management - Usage and Administration

Issue/Introduction

We have a new Vulnerability Oracle MySQL October 2022 Critical Patch Update (CPUOCT2022). CVE ID's below.

CVE-2022-21589 Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior.
CVE-2022-21595 Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior.
CVE-2022-21600 Supported versions that are affected are 8.0.27 and prior. 
CVE-2022-21605 Supported versions that are affected are 8.0.28 and prior.
CVE-2022-21607 Supported versions that are affected are 8.0.28 and prior.
CVE-2022-21592 Supported versions that are affected are 5.7.39 and prior and 8.0.29 and prior.
CVE-2022-21635 Supported versions that are affected are 8.0.29 and prior
CVE-2022-21638 Supported versions that are affected are 8.0.29 and prior. 
CVE-2022-21641 Supported versions that are affected are 8.0.29 and prior
CVE-2022-2097  Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
CVE-2022-21608 Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior.
CVE-2022-21617 Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. 
CVE-2022-21594 Supported versions that are affected are 8.0.30 and prior. 
CVE-2022-21599 Supported versions that are affected are 8.0.30 and prior.
CVE-2022-21604 Supported versions that are affected are 8.0.30 and prior.
CVE-2022-21611 Supported versions that are affected are 8.0.30 
CVE-2022-21625 Supported versions that are affected are 8.0.30 and prior
CVE-2022-21632 Supported versions that are affected are 8.0.30 and prior.
CVE-2022-21633 Supported versions that are affected are 8.0.30 and prior.
CVE-2022-21637 Supported versions that are affected are 8.0.30 and prior.
CVE-2022-21640 Supported versions that are affected are 8.0.30 and prior.
CVE-2022-39400 Supported versions that are affected are 8.0.30 and prior.
CVE-2022-39408 Supported versions that are affected are 8.0.30 and prior.
CVE-2022-39410 Supported versions that are affected are 8.0.30 and prior.

 

Environment

Release : PM 22.2

Resolution

We we are planning the upgrade of MySQL to 8.0.31 for 22.2.5 (December 2022 release) which will mitigate these CVE's for PM.