Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 15 Jun 2017 15:50:42 +0200
From: Adam Maris <amaris@...hat.com>
To: pali.rohar@...il.com, oss-security@...ts.openwall.com
Subject: Re: Re: MySQL - use-after-free after
 mysql_stmt_close()

On Mon, 2017-06-12 at 23:47 +0200, Pali Rohár wrote:
> Hello!
> 
> Any idea how to handle this particular problem?
> 
> 

Hi!

Given that Oracle (silently) updated the vulnerable example in their
documentation, this likely indicates the way to handle this -
applications that copied the vulnerable example needs to be fixed and
CVEs will be assigned per application.

Best Regards,

-- 
Adam Mariš, Red Hat Product Security
1CCD 3446 0529 81E3 86AF  2D4C 4869 76E7 BEF0 6BC2 

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ