Описание
Security update for perl-DBD-mysql
This update for perl-DBD-mysql fixes the following issues:
- CVE-2016-1251: A use-after-free when used with mysql_server_prepare=1 (bsc#1012546).
- CVE-2016-1246: Buffer overflow allowed context-dependent attackers to cause a denial of service (crash) via vectors related to an error message (bsc#1002626).
- CVE-2016-1249: Out-of-bounds read when using server-side prepared statement support (bsc#1010457).
This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.1
openSUSE Leap 42.2
Ссылки
- E-Mail link for openSUSE-SU-2017:0252-1
- SUSE Security Ratings
Описание
Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message.
Затронутые продукты
Ссылки
- CVE-2016-1246
- SUSE Bug 1002626
Описание
The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned number of placeholders in WHERE condition and output fields in SELECT expression.
Затронутые продукты
Ссылки
- CVE-2016-1249
- SUSE Bug 1010457
Описание
There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysql_server_prepare=1.
Затронутые продукты
Ссылки
- CVE-2016-1251
- SUSE Bug 1012546