1
Candidate: CVE-2018-7485
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7485
6
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC
7
2.3.5 has strncpy arguments in the wrong order, which allows attackers to
8
cause a denial of service or possibly have unspecified other impact.
11
mdeslaur> introduced by https://github.com/lurcher/unixODBC/commit/4f9f77fb4204659ec9b7be8745d9e05a539c80b9
12
mdeslaur> which is listed as containing the fix for CVE-2018-7409.
13
mdeslaur> we will not be backporting the full commit that introduced the
14
mdeslaur> regression, so this is marked as not-affected
22
upstream: https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f
23
upstream_unixodbc: needs-triage
24
precise/esm_unixodbc: not-affected
25
trusty_unixodbc: not-affected
26
xenial_unixodbc: not-affected
27
artful_unixodbc: not-affected
28
devel_unixodbc: not-affected