8.0.28-0ubuntu0.20.04.3 Breaks SSL Connectivity to MySQL < 5.7
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
mysql-8.0 (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
The MySQL client packages were automatically upgraded from `8.0.27-
```
Start-Date: 2022-02-05 06:00:06
Commandline: /usr/bin/
Upgrade: libmysqlclient-
End-Date: 2022-02-05 06:00:08
```
This broke the workaround that is currently in place as suggested by comment #36 and #37 on https:/
```
The impact was significant (in my case), in that it prevented Postfix from processing mail, causing all sorts of grief.
```
Feb 8 06:32:35 mail.outbound.
```
I had to locate, download, and install the older packages from https:/
There is a plan to upgrade MySQL/AWS RDS to a newer version but this was an unexpected change for an LTS version of the OS. Is the workaround mentioned no longer feasible?
```
lsb_release -rd
Description: Ubuntu 20.04.3 LTS
Release: 20.04
```
description: | updated |
Hi Daniel,
Thanks for taking the time to report this issue.
As per mysql 8.0.28 release notes [1], Support for the TLSv1 and TLSv1.1 connection protocols, which were deprecated since 8.0.26, was removed.
The reason for the bump can be found in the package changelog in [2]. There you will find that several CVEs were addressed with that update. It is likely that the security team did consider backporting the patches to fix those, but there are times when it ends up making more sense to introduce a new version to patch those CVEs.
I am subscribing the security team to this bug.
[1] https:/ /dev.mysql. com/doc/ relnotes/ mysql/8. 0/en/news- 8-0-28. html#mysqld- 8-0-28- feature /launchpad. net/ubuntu/ +source/ mysql-8. 0/8.0.28- 0ubuntu0. 20.04.3
[2] https:/