[debian-mysql] Bug#737596: mysql-5.5: CVE-2014-0001: command-line tool buffer overflow via long server version string

Salvatore Bonaccorso carnil at debian.org
Tue Feb 4 05:51:50 UTC 2014


Source: mysql-5.5
Severity: important
Tags: security upstream

Hi,

the following vulnerability was published for mysql-5.5.

CVE-2014-0001[0]:
command-line tool buffer overflow via long server version string

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001
    http://security-tracker.debian.org/tracker/CVE-2014-0001
[1] http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1054592

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



More information about the pkg-mysql-maint mailing list