Date: Mon, 3 Jul 2017 10:00:07 +0200 From: Pali Rohár <pali.rohar@...il.com> To: Adam Maris <amaris@...hat.com> Cc: oss-security@...ts.openwall.com Subject: CVE-2017-10788 for DBD::mysql (Re: Re: MySQL - use-after-free after mysql_stmt_close()) On Thursday 15 June 2017 15:50:42 Adam Maris wrote: > On Mon, 2017-06-12 at 23:47 +0200, Pali Rohár wrote: > > Hello! > > > > Any idea how to handle this particular problem? > > > > > > Hi! > > Given that Oracle (silently) updated the vulnerable example in their > documentation, this likely indicates the way to handle this - > applications that copied the vulnerable example needs to be fixed and > CVEs will be assigned per application. > > Best Regards, > Hi! Just to note that Mitre now assigned CVE-2017-10788 for DBD::mysql: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10788 -- Pali Rohár pali.rohar@...il.com
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ