UbuntuUpdates.org

Package "libdbd-mysql-perl"

Name: libdbd-mysql-perl

Description:

Perl5 database interface to the MySQL database
Latest version: 4.020-1ubuntu0.1
Release: precise (12.04)
Level: updates
Repository: main
Homepage: http://search.cpan.org/dist/DBD-mysql/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libdbd-mysql-perl"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libdbd-mysql-perl" in Precise

Repository Area Version
base main 4.020-1build2
security main 4.020-1ubuntu0.1

Changelog

Version: 4.020-1ubuntu0.1 2016-10-13 16:06:31 UTC

  libdbd-mysql-perl (4.020-1ubuntu0.1) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    use after free
    - debian/patches/CVE-2014-9906.patch: properly handle free in dbdimp.c.
    - CVE-2014-9906
  * SECURITY UPDATE: denial of service and possible code execution via
    use after free
    - debian/patches/CVE-2015-8949.patch: properly handle free in dbdimp.c.
    - CVE-2015-8949
  * SECURITY UPDATE: unsafe sprintf w/variable length input
    - debian/patches/CVE-2016-1246.patch: don't use sprintf in dbdimp.c.
    - CVE-2016-1246

 -- Marc Deslauriers <email address hidden> Wed, 12 Oct 2016 11:23:37 -0400
CVE-2014-9906 Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary c
CVE-2015-8949 Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call
CVE-2016-1246 Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors re


About   -   Send Feedback to @ubuntu_updates