[Bug 1467608] CVE-2017-10788 CVE-2017-10789 perl-DBD-MySQL: various flaws [fedora-all]

bugzilla Tue, 17 Jul 2018 00:14:54 -0700

https://bugzilla.redhat.com/show_bug.cgi?id=1467608


Petr Pisar <ppi...@redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |CLOSED
            Version|26                          |27
         Resolution|---                         |WORKSFORME
        Last Closed|2018-05-29 13:19:46         |2018-07-17 03:14:23



--- Comment #11 from Petr Pisar <ppi...@redhat.com> ---
CVE-2017-10788 (an use-after-free when calling mysql_stmt_error() after
mysql_stmt_close()) is fixed in upstream DBD-mysql-4.046 that is packaged in
Fedora ≥ 28. Fedora 27 applies the fix on DBD-mysql-4.043.

CVE-2017-10789 (MITM attack when mysql_ssl=1) is fixed again in upstream
DBD-mysql-4.044 that is packaged in Fedora ≥ 28. Fedora 27 applies the fixes on
DBD-mysql-4.043.

Fedora ≥ 27 is not vulnerable.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org/message/WUU3U3AFBY3P4SKWRWODPQIZPIF4K2H7/

[Bug 1467608] CVE-2017-10788 CVE-2017-10789 perl-DBD-MySQL: various flaws [fedora-all]

Reply via email to