|
Message-ID: <20170703080007.GD2102@pali> Date: Mon, 3 Jul 2017 10:00:07 +0200 From: Pali Rohár <pali.rohar@...il.com> To: Adam Maris <amaris@...hat.com> Cc: oss-security@...ts.openwall.com Subject: CVE-2017-10788 for DBD::mysql (Re: Re: MySQL - use-after-free after mysql_stmt_close()) On Thursday 15 June 2017 15:50:42 Adam Maris wrote: > On Mon, 2017-06-12 at 23:47 +0200, Pali Rohár wrote: > > Hello! > > > > Any idea how to handle this particular problem? > > > > > > Hi! > > Given that Oracle (silently) updated the vulnerable example in their > documentation, this likely indicates the way to handle this - > applications that copied the vulnerable example needs to be fixed and > CVEs will be assigned per application. > > Best Regards, > Hi! Just to note that Mitre now assigned CVE-2017-10788 for DBD::mysql: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10788 -- Pali Rohár pali.rohar@...il.com
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.