UbuntuUpdates.org

Package "libdbd-mysql-perl"

Name: libdbd-mysql-perl

Description:

Perl5 database interface to the MySQL database
Latest version: 4.025-1ubuntu0.1
Release: trusty (14.04)
Level: updates
Repository: main
Homepage: https://metacpan.org/release/DBD-mysql

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libdbd-mysql-perl"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libdbd-mysql-perl" in Trusty

Repository Area Version
base main 4.025-1
security main 4.025-1ubuntu0.1

Changelog

Version: 4.025-1ubuntu0.1 2016-10-13 16:06:34 UTC

  libdbd-mysql-perl (4.025-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    use after free
    - debian/patches/CVE-2014-9906.patch: properly handle free in dbdimp.c,
      added test to t/rt85919-fetch-lost-connection.t,
      t/rt86153-reconnect-fail-memory.t.
    - CVE-2014-9906
  * SECURITY UPDATE: denial of service and possible code execution via
    use after free
    - debian/patches/CVE-2015-8949.patch: properly handle free in dbdimp.c.
    - CVE-2015-8949
  * SECURITY UPDATE: unsafe sprintf w/variable length input
    - debian/patches/CVE-2016-1246.patch: don't use sprintf in dbdimp.c.
    - CVE-2016-1246

 -- Marc Deslauriers <email address hidden> Wed, 12 Oct 2016 11:04:46 -0400
CVE-2014-9906 Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary c
CVE-2015-8949 Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call
CVE-2016-1246 Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors re


About   -   Send Feedback to @ubuntu_updates