|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2016-bf6c3ea62c (perl-DBD-MySQL)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 23 Update: perl-DBD-MySQL-4.033-4.fc23 


Date:
    	      Sat, 17 Dec 2016 00:23:56 +0000 (UTC)


Message-ID:
    	      <20161217002356.F253660608F9@bastion01.phx2.fedoraproject.org>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-bf6c3ea62c
2016-12-16 17:00:39.623795
--------------------------------------------------------------------------------

Name        : perl-DBD-MySQL
Product     : Fedora 23
Version     : 4.033
Release     : 4.fc23
URL         : http://search.cpan.org/dist/DBD-mysql/
Summary     : A MySQL interface for Perl
Description :
DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In
other words: DBD::mysql is an interface between the Perl programming language
and the MySQL programming API that comes with the MySQL relational database
management system.

--------------------------------------------------------------------------------
Update Information:

This release fixes CVE-2016-1249 (out-of-bound read when using server-side
prepared statements) and CVE-2016-1251 vulnerability (a use after free when
using prepared statements).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1395591 - CVE-2016-1249 perl-DBD-MySQL: Out-of-bounds read when using server-side
prepared statement support
        https://bugzilla.redhat.com/show_bug.cgi?id=1395591
  [ 2 ] Bug #1399580 - CVE-2016-1251 perl-DBD-MySQL: Use after free when using prepared statements
        https://bugzilla.redhat.com/show_bug.cgi?id=1399580
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade perl-DBD-MySQL' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgr...

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds