[Secure-testing-commits] r44544 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Sep 13 05:03:45 UTC 2016
Author: carnil
Date: 2016-09-13 05:03:44 +0000 (Tue, 13 Sep 2016)
New Revision: 44544
Modified:
data/CVE/list
Log:
Add comments for Oracle MySQL commits and corresponding CVE(s), since there will be as well CVE-2016-6663 (with no details yet)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-13 04:58:49 UTC (rev 44543)
+++ data/CVE/list 2016-09-13 05:03:44 UTC (rev 44544)
@@ -4107,11 +4107,13 @@
- mysql-5.6 <unfixed>
- mysql-5.5 <removed>
NOTE: This will likely be split by MITRE, unclear what precisely maps to CVE-2016-6662
+ NOTE: As well unclear which commits from https://bugzilla.redhat.com/show_bug.cgi?id=1375198#c5 are associated
+ NOTE: yet to which CVE; those will unlikely made public before the next Oracle CPU.
+ NOTE: https://marc.info/?l=oss-security&m=147367658314062&w=2
NOTE: http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=998309
- NOTE: fixed in upstream Oracle MySQL 5.5.52, 5.6.33 and 5.7.15
+ NOTE: Fixed in upstream Oracle MySQL 5.5.52, 5.6.33 and 5.7.15
NOTE: supposedly fixed in perconadb and mariadb as well, to be confirmed
- NOTE: https://marc.info/?l=oss-security&m=147367658314062&w=2
NOTE: MariaDB: https://jira.mariadb.org/browse/MDEV-10465
CVE-2016-6661
RESERVED
More information about the Secure-testing-commits
mailing list