[security - medium] mysql:8.0 security update, rapidjson-1.1.0-6.module+el8+1967+1fd4a047

エラータID: AXSA:2026-376:01

Release date: 
Wednesday, April 1, 2026 - 21:03
Subject: 
[security - medium] mysql:8.0 security update, rapidjson-1.1.0-6.module+el8+1967+1fd4a047
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries.

Security Fix(es):

* mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21941)
* mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21948)
* mysql: InnoDB unspecified vulnerability (CPU Jan 2026) (CVE-2026-21936)
* mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21968)
* mysql: DDL unspecified vulnerability (CPU Jan 2026) (CVE-2026-21937)
* mysql: Thread Pooling unspecified vulnerability (CPU Jan 2026) (CVE-2026-21964)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-21936
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21937
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21941
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21948
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21964
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21968
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Modularity name: "mysql"
Stream name: "8.0"

Solution: 

Update packages.

CVEs: 
CVE-2026-21936
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21937
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21941
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21948
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21964
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2026-21968
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Additional Info: 

N/A

Download: 

SRPMS
  1. mecab-ipadic-2.7.0.20070801-17.module+el8+1967+1fd4a047.src.rpm
    MD5: 6bb09b1fa283690214d70113b5511ab0
    SHA-256: 094880c453604fe856e0a4a4f2d1fd7102d368d0fb3620311ea4b04dc400eba7
    Size: 10.54 MB
  2. mecab-0.996-2.module+el8+1967+1fd4a047.src.rpm
    MD5: 1ed6aa5d14dc0a89e64318a098cba5e7
    SHA-256: 7c14d0aabd28509a75315b44ab384f22df1e37ffef6c8d0a60d3969468a330b3
    Size: 960.68 kB
  3. mysql-8.0.45-1.module+el8+1967+1fd4a047.ML.1.src.rpm
    MD5: 0f45988b49b6b3853bec108dfdd93553
    SHA-256: 9571f17488ef4c0b81b6b44dbd08f54792c71274fd957633a5f403d2f60ec3f2
    Size: 466.34 MB
  4. rapidjson-1.1.0-6.module+el8+1967+1fd4a047.src.rpm
    MD5: 7be396a68d5156317a7749a3dde22155
    SHA-256: 96f8cfec40940621257af7b8f9c92fff1ecee10a884f0d48a1f8148862ec5f61
    Size: 0.98 MB

Asianux Server 8 for x86_64
  1. mecab-0.996-2.module+el8+1967+1fd4a047.x86_64.rpm
    MD5: 8d92bbf96f3ff54300af7f6f7504a87b
    SHA-256: e758f8c729c40eb0a2f5214b4d32843e623d99619c55b6ab8c3dd9d3ee41bf19
    Size: 392.30 kB
  2. mecab-debugsource-0.996-2.module+el8+1967+1fd4a047.x86_64.rpm
    MD5: 665dd41461c50eaae1a18f7d58e24783
    SHA-256: 8a21f8df16da8d01415d0778aa654d7aea4c243295f77afd8f92143dc7350616
    Size: 165.54 kB
  3. mecab-devel-0.996-2.module+el8+1967+1fd4a047.x86_64.rpm
    MD5: a236934406fedcdf092633cfb8c6a249
    SHA-256: 76951d87b85abc0583faf962ad871d65d0801a9f34ada506b4f96a0130302779
    Size: 78.61 kB
  4. mecab-ipadic-2.7.0.20070801-17.module+el8+1967+1fd4a047.x86_64.rpm
    MD5: 647852d0b9dd6ac7fcb8515b9d10b244
    SHA-256: 06e51916ce5cd5e8e92af0e884ef16ab4efaa7808284d594899ba5454910638d
    Size: 10.52 MB
  5. mecab-ipadic-EUCJP-2.7.0.20070801-17.module+el8+1967+1fd4a047.x86_64.rpm
    MD5: 060405e5d8e671147e12f4d5667e30d5
    SHA-256: 132cac2c9850c1dea0779798ec23d798726400b3f07d3acb9610877fe98eb34f
    Size: 9.40 MB
  6. mysql-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
    MD5: 0dd86d9fa14a6671bf027b08434c38c4
    SHA-256: 52efc09a6d5fb00d329ef542ca6e985f3ee030b9b45f56bf95a7d86ee35608e5
    Size: 14.55 MB
  7. mysql-common-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
    MD5: 8724858cab637f007550f0e27bff73da
    SHA-256: 8aff25cd6bce1aa0d1211100f72a0b9ec1a74ec39fdcf9a32499b58dd7040e86
    Size: 135.70 kB
  8. mysql-debugsource-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
    MD5: 882c7b15d72e3c743fa67d154be00171
    SHA-256: 157a4f407b127f8b3615ecf81f6e0afda8d69b4b25e397df1d441b0b1ff53488
    Size: 17.75 MB
  9. mysql-devel-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
    MD5: ba65e20e17df7af25710f9cea1e387e5
    SHA-256: 8d436d6729c4024d2aa3a63a2ff904b1a1e438a1245a82a6268f5c1c7df99c05
    Size: 161.39 kB
  10. mysql-errmsg-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
    MD5: 50c6f5eaa7169ce3574e722adfbce91a
    SHA-256: edef2cc72c3807d9f739fa40d6b0efc39298d835d376bdf01606497e7667dd86
    Size: 643.22 kB
  11. mysql-libs-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
    MD5: 20ee0e3701c0a2b2485c31b7fbd90c76
    SHA-256: 0d3ca26b03ef7b8ba6715cfdd56150fd66f4af3382bc45604075193d732cf621
    Size: 1.48 MB
  12. mysql-server-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
    MD5: ce261fa283ec73318a5c2f3044ca381c
    SHA-256: 257f2112dd9f73576fb9d882f8fdcf845702e7e24264d55c42d2e145c3ff0c7e
    Size: 32.53 MB
  13. mysql-test-8.0.45-1.module+el8+1967+1fd4a047.ML.1.x86_64.rpm
    MD5: 4e90e7894dc3d2b7cb6a1bee98fe46a5
    SHA-256: 27dd4484cc0371a5e19f6faa43ad5d2317fd8f24e1371de55ac14381672bef51
    Size: 404.30 MB