[Secure-testing-commits] r44522 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Sep 12 14:19:45 UTC 2016
Author: jmm
Date: 2016-09-12 14:19:45 +0000 (Mon, 12 Sep 2016)
New Revision: 44522
Modified:
data/CVE/list
Log:
fix source package names for mysql/mariadb, add note
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-12 12:57:07 UTC (rev 44521)
+++ data/CVE/list 2016-09-12 14:19:45 UTC (rev 44522)
@@ -1476,8 +1476,10 @@
CVE-2016-6663
RESERVED
CVE-2016-6662 [privilege escalation through ld_preload hijacking and my.cnf rewrite]
- - mysql-server <unfixed>
- - mariadb-server <unfixed>
+ - mariadb-10.0 <unfixed>
+ - mysql-5.6 <unfixed>
+ - mysql-5.5 <removed>
+ NOTE: This will likely be split by MITRE, unclear what precisely maps to CVE-2016-6662
NOTE: http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=CVE-2016-6662
NOTE: fixed in mysql-server 5.5.52
More information about the Secure-testing-commits
mailing list