https://bugzilla.redhat.com/show_bug.cgi?id=1467608 Petr Pisar <ppisar@xxxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Version|26 |27 Resolution|--- |WORKSFORME Last Closed|2018-05-29 13:19:46 |2018-07-17 03:14:23 --- Comment #11 from Petr Pisar <ppisar@xxxxxxxxxx> --- CVE-2017-10788 (an use-after-free when calling mysql_stmt_error() after mysql_stmt_close()) is fixed in upstream DBD-mysql-4.046 that is packaged in Fedora ≥ 28. Fedora 27 applies the fix on DBD-mysql-4.043. CVE-2017-10789 (MITM attack when mysql_ssl=1) is fixed again in upstream DBD-mysql-4.044 that is packaged in Fedora ≥ 28. Fedora 27 applies the fixes on DBD-mysql-4.043. Fedora ≥ 27 is not vulnerable. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ perl-devel mailing list -- perl-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to perl-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@xxxxxxxxxxxxxxxxxxxxxxx/message/WUU3U3AFBY3P4SKWRWODPQIZPIF4K2H7/
