Explore top 10 tips to secure your open-source projects now. Read More
×
This release fixes CVE-2016-1249 (out-of-bound read when using server-side prepared statements) and CVE-2016-1251 vulnerability (a use after free when using prepared statements).. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-bf6c3ea62c 2016-12-16 17:00:39.623795 -------------------------------------------------------------------------------- Name : perl-DBD-MySQL Product : Fedora 23 Version : 4.033 Release : 4.fc23 URL : Summary : A MySQL interface for Perl Description : DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In other words: DBD::mysql is an interface between the Perl programming language and the MySQL programming API that comes with the MySQL relational database management system. -------------------------------------------------------------------------------- Update Information: This release fixes CVE-2016-1249 (out-of-bound read when using server-side prepared statements) and CVE-2016-1251 vulnerability (a use after free when using prepared statements). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1395591 - CVE-2016-1249 perl-DBD-MySQL: Out-of-bounds read when using server-side prepared statement support https://bugzilla.redhat.com/show_bug.cgi?id=1395591 [ 2 ] Bug #1399580 - CVE-2016-1251 perl-DBD-MySQL: Use after free when using prepared statements https://bugzilla.redhat.com/show_bug.cgi?id=1399580 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade perl-DBD-MySQL' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Get the latest Linux and open source security news straight to your inbox.