1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
PublicDateAtUSN: 2016-08-19
Candidate: CVE-2014-9906
PublicDate: 2016-08-19
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9906
https://github.com/perl5-dbi/DBD-mysql/pull/27
http://www.ubuntu.com/usn/usn-3103-1
Description:
Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to
cause a denial of service (program crash) or possibly execute arbitrary
code via vectors related to a lost server connection.
Ubuntu-Description:
Notes:
Bugs:
https://rt.cpan.org/Public/Bug/Display.html?id=97625
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
Patches_libdbd-mysql-perl:
upstream: https://github.com/perl5-dbi/DBD-mysql/commit/c570f90b0aa6911ebf56da4595a5be86603c6923
upstream: https://github.com/perl5-dbi/DBD-mysql/commit/a56ae87a4c1c1fead7d09c3653905841ccccf1cc
upstream: https://github.com/perl5-dbi/DBD-mysql/commit/283c5dfc42c530aab06ad032cf25b816c0e70780
upstream_libdbd-mysql-perl: released (4.033-1)
precise_libdbd-mysql-perl: released (4.020-1ubuntu0.1)
trusty_libdbd-mysql-perl: released (4.025-1ubuntu0.1)
vivid/stable-phone-overlay_libdbd-mysql-perl: DNE
vivid/ubuntu-core_libdbd-mysql-perl: DNE
wily_libdbd-mysql-perl: ignored (reached end-of-life)
xenial_libdbd-mysql-perl: not-affected (4.033-1build2)
devel_libdbd-mysql-perl: not-affected
|