Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 12 Sep 2014 14:04:42 +0200
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: MySQL: MyISAM temporary file issue

On Thu, 11 Sep 2014 16:49:45 -0700 Ritwik Ghoshal wrote:

> On 9/11/2014 7:39 AM, Tomas Hoger wrote:
> > April CPU mentions client issue CVE-2014-2440.  Is it the same issue
> > that got CVE-2014-0001 publicly assigned before?  The versions that
> > fixed CVE-2014-2440 are the same that got CVE-2014-0001 fix, and
> > there's no mention of the CVE-2014-0001 in April CPU.
> 
> Yes, CVE-2014-2440 is same as CVE-2014-0001. We have updated our CPU
> April, 14 advisory with a note under MySQL risk matrix that states the
> same. Please see -
> http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Awesome, thank you for the confirmation!

Any hints on the remaining questions from the mail? :)

-- 
Tomas Hoger / Red Hat Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ