Bug#866818: libdbd-mysql-perl: CVE-2017-10788
Guido Günther
agx at sigxcpu.org
Wed Aug 30 16:55:42 UTC 2017
Hi,
On Wed, Aug 30, 2017 at 12:51:24PM -0400, Antoine Beaupre wrote:
> On Mon, Aug 28, 2017 at 02:56:36PM +0200, Guido Günther wrote:
> > I've pinged upstream again why the patch is still pending:
> >
> > https://github.com/perl5-dbi/DBD-mysql/issues/120#issuecomment-325342844
>
> After reviewing the original advisory and the suggested patch, I have
> opened that PR in:
>
> https://github.com/perl5-dbi/DBD-mysql/pull/142
>
> ... and will ship that in the coming LTS upload.
Great. Note that the original patch author is unhappy about the current
upstream handling of security fixes and is proposing a fork:
https://www.nntp.perl.org/group/perl.dbi.dev/2017/08/msg8030.html
This might be a timely coincidence but I don't think so.
Cheers,
-- Guido
>
> A.
>
> --
> If it's important for you, you'll find a way.
> If it's not, you'll find an excuse.
> - Unknown
More information about the pkg-perl-maintainers
mailing list