Debian Security Advisory
DSA-3684-1 libdbd-mysql-perl -- security update
- Date Reported:
- 03 Oct 2016
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2016-1246.
- More information:
Pali Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service.
For the stable distribution (jessie), this problem has been fixed in version 4.028-2+deb8u2.
We recommend that you upgrade your libdbd-mysql-perl packages.