ALT-PU-2016-2374-1
Package perl-DBD-mysql updated to version 4.041-alt1 for branch sisyphus in task 173743.
Closed vulnerabilities
Published: 2016-11-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-1251
There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.
Severity: HIGH (8.1)
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- http://www.openwall.com/lists/oss-security/2016/11/28/2
- http://www.openwall.com/lists/oss-security/2016/11/28/2
- 94573
- 94573
- https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1
- https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1
- https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1
- https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1
- GLSA-201701-51
- GLSA-201701-51
- https://tracker.debian.org/news/819888
- https://tracker.debian.org/news/819888