Overview

File _patchinfo of Package patchinfo.6230

<patchinfo incident="6230">
  <issue id="1012546" tracker="bnc">VUL-0: CVE-2016-1251: perl-DBD-mysql: use after free when using prepared statements</issue>
  <issue id="1002626" tracker="bnc">VUL-0: CVE-2016-1246: perl-DBD-mysql: Buffer overflow in DBD-mysql error reporting</issue>
  <issue id="1010457" tracker="bnc">VUL-1: CVE-2016-1249: perl-DBD-mysql: Out-of-bounds read when using server-side prepared statement support</issue>
  <issue id="2016-1246" tracker="cve" />
  <issue id="2016-1249" tracker="cve" />
  <issue id="2016-1251" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>scarabeus_iv</packager>
  <description>This update for perl-DBD-mysql fixes the following issues:

- CVE-2016-1251: A use-after-free when used with mysql_server_prepare=1 (bsc#1012546).
- CVE-2016-1246: Buffer overflow allowed context-dependent attackers to cause a denial of service (crash) via vectors related to an error message (bsc#1002626).
- CVE-2016-1249: Out-of-bounds read when using server-side prepared statement support (bsc#1010457).

This update was imported from the SUSE:SLE-12:Update update project.</description>
  <summary>Security update for perl-DBD-mysql</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places