[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: CVE Request: DBD-mysql: use-after-free in mysql_dr_error
From: cve-assign () mitre ! org
Date: 2016-07-27 15:47:46
Message-ID: 20160727154746.8942C6C1043 () smtpvmsrv1 ! mitre ! org
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
> https://github.com/perl5-dbi/DBD-mysql/pull/27
> https://github.com/perl5-dbi/DBD-mysql/commit/a56ae87a4c1c1fead7d09c3653905841ccccf1cc
> https://rt.cpan.org/Public/Bug/Display.html?id=97625
>> https://rt.cpan.org/Public/Bug/Display.html?id=97625#txn-1393444
>> The big problem with lost connections is that business logic wants to
>> keep reporting errors to a file in case of lost server connections.
>> This is related to RT #85919, though the root cause is this use-after
>> free here.
>> AddressSanitizer: heap-use-after-free
Use CVE-2014-9906.
- --
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJXmNb9AAoJEHb/MwWLVhi2xlMQAK+b8lwVuQoS2/h2oq8BEQ2Y
UQdhvmjnJimPcYAsRxW16QTRAMMDalk/JWy52Z9RrQawxtnBTstug/hjG9oFGBI9
jnBVlkD/x02u6XKau7cbbuVJNj3bDB6vH5nd/nmNOVphANn5QfUqRsARmW3PH7KK
0rtfvkQtv8DSvZlmAubbQNu3puGdZgxEyai9PWDxPMvih822s5qARfjKVz1N1D+n
waFrLdPtt3msWsdVWpuezvIzLo219YQzjSJ8dOg0RDnFn3WVXOkV2SKC0JIrZG02
/JDhfZnVk8MxIKPHYrCtqOEdWqyvt2UEhWuyA272aotuB1zXw4CYNL3AfS49lOos
WM/at9hwoDI7KQvI2Px4vfP0oinZplcGwxmW7IATI3hoDi6jPq3KbU/MVU1ifCfV
swJvgD5FHJJUW0y5C7C8Wak9EgQ6B2aQUXwalKBGgQgAwkmuc1gXenKMWv6OLYRe
xdKYpIdDnU7fxQQjwyPPQs5TVy1MPGqBuGCIL1E9xeKDMR92PqUb6i8bRxMY5bkt
lFEZiEMh3OJ9JLL6x6gzLZFs3XOtmYUBRGG8JxBOpPjX0tjZsFUogBS3/CAOpsuZ
Gzptk7MXfukP3AqC2D5ruGeDp8pF5TPPUhFhwcl51eQBZiIIcOr6tB8ZC7xHwxeh
5jAxK3akfvVbLAjehOMP
=Daax
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic