search

AOSC-Dev / aosc-os-abbs

ABBS/ACBS tree for AOSC OS package metadata, build configuration, scripts, and patches
https://packages.aosc.io
GNU General Public License v2.0
101 stars 80 forks source link

perl-dbd-mysql: CVE-2017-10788 CVE-2017-10789 #924

Closed l2dy closed 6 years ago

MingcongBai commented 6 years ago

Seems like the fix for CVE-2017-10789 was "reverted": https://github.com/perl5-dbi/DBD-mysql/pull/135. Not sure what happened here.

MingcongBai commented 6 years ago

@l2dy AOSA please, for https://github.com/AOSC-Dev/aosc-os-abbs/commit/2136e2aac6f5c3b39d62ff5c14b011fc292f9866 (CVE-2017-10788).

l2dy commented 6 years ago

Use AOSA-2018-0012 for CVE-2017-10788.

MingcongBai commented 6 years ago

It seems like 10789 has been fixed with https://github.com/perl5-dbi/DBD-mysql/commit/23e801272e35982fb7e5482ff033c881c970a857 and is already a part of our last update. Please confirm? @l2dy

liushuyu commented 6 years ago

Fix confirmed.

Closed as fixed