ALT-PU-2016-1793-1
Package perl-DBD-mysql updated to version 4.035-alt1 for branch sisyphus in task 167866.
Closed vulnerabilities
Published: 2016-08-20
BDU:2016-02095
Уязвимость операционной системы Debian GNU/Linux и драйвера DBD::mysql, позволяющая нарушителю оказать неопределённое воздействие
Severity: CRITICAL (10.0)
References:
Published: 2016-08-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-8949
Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login.
Severity: CRITICAL (9.8)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- DSA-3635
- DSA-3635
- [oss-security] 20160725 Use after free in my_login() function of DBD::mysql (Perl module)
- [oss-security] 20160725 Use after free in my_login() function of DBD::mysql (Perl module)
- [oss-security] 20160726 Re: Use after free in my_login() function of DBD::mysql (Perl module)
- [oss-security] 20160726 Re: Use after free in my_login() function of DBD::mysql (Perl module)
- 92118
- 92118
- https://blog.fuzzing-project.org/50-Use-after-free-in-my_login-function-of-DBDmysql-Perl-module.html
- https://blog.fuzzing-project.org/50-Use-after-free-in-my_login-function-of-DBDmysql-Perl-module.html
- https://github.com/perl5-dbi/DBD-mysql/blob/4.033_01/Changes
- https://github.com/perl5-dbi/DBD-mysql/blob/4.033_01/Changes
- https://github.com/perl5-dbi/DBD-mysql/commit/cf0aa7751f6ef8445e9310a64b14dc81460ca156
- https://github.com/perl5-dbi/DBD-mysql/commit/cf0aa7751f6ef8445e9310a64b14dc81460ca156
- https://github.com/perl5-dbi/DBD-mysql/pull/45
- https://github.com/perl5-dbi/DBD-mysql/pull/45
- GLSA-201701-51
- GLSA-201701-51