-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3684-1 security@xxxxxxxxxx https://www.debian.org/security/ Florian Weimer October 03, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libdbd-mysql-perl CVE ID : CVE-2016-1246 Paul Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service. For the stable distribution (jessie), this problem has been fixed in version 4.028-2+deb8u2. We recommend that you upgrade your libdbd-mysql-perl packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJX8pvgAAoJEL97/wQC1SS+WpkIALL0JHF9wO4NzQ7akLBW3aY4 sRDUnboupi6hD3vFeJAKPWidM42Iyu5qoWVvhGmVDQ6MaBf2GOZmN9xXSQTnXVvX vRcp76G4HDn5JvZbesYrWvnB5VHGTI7pBsnTDeqqzyxD1OE2UIrsyncG+QokHJrH iY6AXB/CYnftvE1nObr5eeBmtUaqHPxypZ5/S9KzFwCSWYWWhuxlSZ9KsP7rl4aF AOMy3IwSF/a4Jc5/r2qkgmjOU/n4NfmhSqiepJyMg0j5beGNG/Qt4NbY0s5dhAZF hAsJZEP+Eg57MuXj4sTcRGKFCSNCwF6XJEMjkAN5yIHK0Z/Q+CcIufbTloB4efw= =zm83 -----END PGP SIGNATURE-----