--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-673cbb6bb4
2016-12-12 20:35:02.568884
--------------------------------------------------------------------------------

Name        : perl-DBD-MySQL
Product     : Fedora 25
Version     : 4.041
Release     : 1.fc25
URL         : https://metacpan.org/dist/DBD-mysql
Summary     : A MySQL interface for Perl
Description :
DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In
other words: DBD::mysql is an interface between the Perl programming language
and the MySQL programming API that comes with the MySQL relational database
management system.

--------------------------------------------------------------------------------
Update Information:

This release fixes CVE-2016-1251 vulnerability, a use after free when using
prepared statements.  ----  Updated to the latest version  ----  Security fix
for CVE-2016-1249
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1399580 - CVE-2016-1251 perl-DBD-MySQL: Use after free when using prepared statements
        https://bugzilla.redhat.com/show_bug.cgi?id=1399580
  [ 2 ] Bug #1395591 - CVE-2016-1249 perl-DBD-MySQL: Out-of-bounds read when using server-side prepared statement support
        https://bugzilla.redhat.com/show_bug.cgi?id=1395591
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade perl-DBD-MySQL' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 25: perl-DBD-MySQL Security Update

December 13, 2016
This release fixes CVE-2016-1251 vulnerability, a use after free when using prepared statements

Summary

DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In

other words: DBD::mysql is an interface between the Perl programming language

and the MySQL programming API that comes with the MySQL relational database

management system.

Update Information:

This release fixes CVE-2016-1251 vulnerability, a use after free when using prepared statements. ---- Updated to the latest version ---- Security fix for CVE-2016-1249

Change Log

References

[ 1 ] Bug #1399580 - CVE-2016-1251 perl-DBD-MySQL: Use after free when using prepared statements https://bugzilla.redhat.com/show_bug.cgi?id=1399580 [ 2 ] Bug #1395591 - CVE-2016-1249 perl-DBD-MySQL: Out-of-bounds read when using server-side prepared statement support https://bugzilla.redhat.com/show_bug.cgi?id=1395591

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade perl-DBD-MySQL' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : perl-DBD-MySQL
Product : Fedora 25
Version : 4.041
Release : 1.fc25
URL : https://metacpan.org/dist/DBD-mysql
Summary : A MySQL interface for Perl

Related News

32.Lock Code Circular Esm H170
2 - 4 min read
In the ever-evolving cybersecurity landscape, a new concern has come to light for Linux admins—a claimed zero-day vulnerability for Local Privilege
34.Key AbstractDigital Esm H170
2 - 4 min read
RansomHub, a Ransomware-as-a-Service (RaaS) platform, has emerged as a significant threat to organizations around the globe. Targeting Windows,
1.Penguin Landscape Esm H170
2 - 4 min read
As digital privacy and security evolves, anonymity cannot be overemphasized. Tails is a live operating system designed to keep its focus on privacy
32.Lock Code Circular Esm H170
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its
6.EmailConnection Touch Esm H170
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
20.Lock AbstractDigital Circular Esm H170
2 - 3 min read
Google has released fixes for a high-severity Chromium security flaw ( CVE-2024-5274 ) impacting its widely used Chrome browser and other
20.Lock AbstractDigital Circular Esm H170
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server (apache2) impacting versions
24.Key Code Esm H170
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved