1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3684-1] libdbd-mysql-perl security update

    From Florian Weimer@1:229/2 to All on Mon Oct 3 19:20:02 2016
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3684-1 [email protected] https://www.debian.org/security/ Florian Weimer October 03, 2016 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : libdbd-mysql-perl
    CVE ID : CVE-2016-1246

    Paul Rohar discovered that libdbd-mysql-perl, the Perl DBI database
    driver for MySQL and MariaDB, constructed an error message in a
    fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service.

    For the stable distribution (jessie), this problem has been fixed in
    version 4.028-2+deb8u2.

    We recommend that you upgrade your libdbd-mysql-perl packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.10 (GNU/Linux)

    iQEcBAEBAgAGBQJX8pvgAAoJEL97/wQC1SS+WpkIALL0JHF9wO4NzQ7akLBW3aY4 sRDUnboupi6hD3vFeJAKPWidM42Iyu5qoWVvhGmVDQ6MaBf2GOZmN9xXSQTnXVvX vRcp76G4HDn5JvZbesYrWvnB5VHGTI7pBsnTDeqqzyxD1OE2UIrsyncG+QokHJrH iY6AXB/CYnftvE1nObr5eeBmtUaqHPxypZ5/S9KzFwCSWYWWhuxlSZ9KsP7rl4aF AOMy3IwSF/a4Jc5/r2qkgmjOU/n4NfmhSqiepJyMg0j5beGNG/Qt4NbY0s5dhAZF hAsJZEP+Eg57MuXj4sTcRGKFCSNCwF6XJEMjkAN5yIHK0Z/Q+CcIufbTloB4efw=
    =zm83
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)