Zwei Probleme in perl-DBD-MySQL
ID: | FEDORA-2016-673cbb6bb4 |
Distribution: | Fedora |
Plattformen: | Fedora 25 |
Datum: | Di, 13. Dezember 2016, 08:41 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1251
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1249 |
Applikationen: | perl-DBD-MySQL |
Originalnachricht |
|
Name : perl-DBD-MySQL Product : Fedora 25 Version : 4.041 Release : 1.fc25 URL : http://search.cpan.org/dist/DBD-mysql/ Summary : A MySQL interface for Perl Description : DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In other words: DBD::mysql is an interface between the Perl programming language and the MySQL programming API that comes with the MySQL relational database management system. -------------------------------------------------------------------------------- Update Information: This release fixes CVE-2016-1251 vulnerability, a use after free when using prepared statements. ---- Updated to the latest version ---- Security fix for CVE-2016-1249 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1399580 - CVE-2016-1251 perl-DBD-MySQL: Use after free when using prepared statements https://bugzilla.redhat.com/show_bug.cgi?id=1399580 [ 2 ] Bug #1395591 - CVE-2016-1249 perl-DBD-MySQL: Out-of-bounds read when using server-side prepared statement support https://bugzilla.redhat.com/show_bug.cgi?id=1395591 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade perl-DBD-MySQL' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |