Описание
Security update for perl-DBD-mysql
This update for perl-DBD-mysql fixes the following issues:
- CVE-2016-1246: Buffer overflow allowed context-dependent attackers to cause a denial of service (crash) via vectors related to an error message (bsc#1002626).
- CVE-2016-1249: Out-of-bounds read when using server-side prepared statement support (bsc#1010457).
Список пакетов
SUSE Linux Enterprise Server 11 SP4
perl-DBD-mysql-4.008-9.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
perl-DBD-mysql-4.008-9.1
SUSE Linux Enterprise Software Development Kit 11 SP4
perl-DBD-mysql-4.008-9.1
Ссылки
- Link for SUSE-SU-2017:0122-1
- E-Mail link for SUSE-SU-2017:0122-1
- SUSE Security Ratings
- SUSE Bug 1002626
- SUSE Bug 1010457
- SUSE CVE CVE-2016-1246 page
- SUSE CVE CVE-2016-1249 page
Описание
Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:perl-DBD-mysql-4.008-9.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:perl-DBD-mysql-4.008-9.1
SUSE Linux Enterprise Software Development Kit 11 SP4:perl-DBD-mysql-4.008-9.1
Ссылки
- CVE-2016-1246
- SUSE Bug 1002626
Описание
The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned number of placeholders in WHERE condition and output fields in SELECT expression.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:perl-DBD-mysql-4.008-9.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:perl-DBD-mysql-4.008-9.1
SUSE Linux Enterprise Software Development Kit 11 SP4:perl-DBD-mysql-4.008-9.1
Ссылки
- CVE-2016-1249
- SUSE Bug 1010457