Date: Fri, 12 Sep 2014 14:04:42 +0200 From: Tomas Hoger <thoger@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE Request: MySQL: MyISAM temporary file issue On Thu, 11 Sep 2014 16:49:45 -0700 Ritwik Ghoshal wrote: > On 9/11/2014 7:39 AM, Tomas Hoger wrote: > > April CPU mentions client issue CVE-2014-2440. Is it the same issue > > that got CVE-2014-0001 publicly assigned before? The versions that > > fixed CVE-2014-2440 are the same that got CVE-2014-0001 fix, and > > there's no mention of the CVE-2014-0001 in April CPU. > > Yes, CVE-2014-2440 is same as CVE-2014-0001. We have updated our CPU > April, 14 advisory with a note under MySQL risk matrix that states the > same. Please see - > http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html Awesome, thank you for the confirmation! Any hints on the remaining questions from the mail? :) -- Tomas Hoger / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ