You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa perl-DBD-MySQL

Sigurnosni nedostaci programskog paketa perl-DBD-MySQL

——————————————————————————–
Fedora Update Notification
FEDORA-2016-bf6c3ea62c
2016-12-16 17:00:39.623795
——————————————————————————–

Name : perl-DBD-MySQL
Product : Fedora 23
Version : 4.033
Release : 4.fc23
URL : http://search.cpan.org/dist/DBD-mysql/
Summary : A MySQL interface for Perl
Description :
DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In
other words: DBD::mysql is an interface between the Perl programming language
and the MySQL programming API that comes with the MySQL relational database
management system.

——————————————————————————–
Update Information:

This release fixes CVE-2016-1249 (out-of-bound read when using server-side
prepared statements) and CVE-2016-1251 vulnerability (a use after free when
using prepared statements).
——————————————————————————–
References:

[ 1 ] Bug #1395591 – CVE-2016-1249 perl-DBD-MySQL: Out-of-bounds read when using server-side prepared statement support
https://bugzilla.redhat.com/show_bug.cgi?id=1395591
[ 2 ] Bug #1399580 – CVE-2016-1251 perl-DBD-MySQL: Use after free when using prepared statements
https://bugzilla.redhat.com/show_bug.cgi?id=1399580
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade perl-DBD-MySQL’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libgsf

Otkriven je sigurnosni nedostatak u programskoj biblioteci libgsf za Fedoru. Otkriveni nedostatak potencijalnim napadačima omogućuje rušenje servisa. Savjetuje se ažuriranje...

Close