An update for mysql is now available for openEuler-24.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-2157 Final 1.0 1.0 2026-05-03 Initial 2026-05-03 2026-05-03 openEuler SA Tool V1.0 2026-05-03 mysql security update An update for mysql is now available for openEuler-24.03-LTS-SP3 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fix(es): Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Shell. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).(CVE-2026-34317) Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Shell. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).(CVE-2026-34319) An update for mysql is now available for openEuler-24.03-LTS-SP3. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium mysql https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2157 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-34317 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-34319 https://nvd.nist.gov/vuln/detail/CVE-2026-34317 https://nvd.nist.gov/vuln/detail/CVE-2026-34319 openEuler-24.03-LTS-SP3 mysql-8.0.46-1.oe2403sp3.aarch64.rpm mysql-common-8.0.46-1.oe2403sp3.aarch64.rpm mysql-config-8.0.46-1.oe2403sp3.aarch64.rpm mysql-debuginfo-8.0.46-1.oe2403sp3.aarch64.rpm mysql-debugsource-8.0.46-1.oe2403sp3.aarch64.rpm mysql-devel-8.0.46-1.oe2403sp3.aarch64.rpm mysql-errmsg-8.0.46-1.oe2403sp3.aarch64.rpm mysql-help-8.0.46-1.oe2403sp3.aarch64.rpm mysql-libs-8.0.46-1.oe2403sp3.aarch64.rpm mysql-server-8.0.46-1.oe2403sp3.aarch64.rpm mysql-test-8.0.46-1.oe2403sp3.aarch64.rpm mysql-8.0.46-1.oe2403sp3.src.rpm mysql-8.0.46-1.oe2403sp3.x86_64.rpm mysql-common-8.0.46-1.oe2403sp3.x86_64.rpm mysql-config-8.0.46-1.oe2403sp3.x86_64.rpm mysql-debuginfo-8.0.46-1.oe2403sp3.x86_64.rpm mysql-debugsource-8.0.46-1.oe2403sp3.x86_64.rpm mysql-devel-8.0.46-1.oe2403sp3.x86_64.rpm mysql-errmsg-8.0.46-1.oe2403sp3.x86_64.rpm mysql-help-8.0.46-1.oe2403sp3.x86_64.rpm mysql-libs-8.0.46-1.oe2403sp3.x86_64.rpm mysql-server-8.0.46-1.oe2403sp3.x86_64.rpm mysql-test-8.0.46-1.oe2403sp3.x86_64.rpm Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Shell. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H). 2026-05-03 CVE-2026-34317 openEuler-24.03-LTS-SP3 Medium 5.0 AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H mysql security update 2026-05-03 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2157 Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes to compromise MySQL Shell. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Shell. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H). 2026-05-03 CVE-2026-34319 openEuler-24.03-LTS-SP3 Medium 5.0 AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H mysql security update 2026-05-03 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2157