Bug 19050 - perl-DBD-mysql new use-after-free security issues (CVE-2014-9906 and CVE-2015-8949)
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: Normal
Severity: normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/695956/
Whiteboard: advisory, MGA5-32-OK
Keywords: validated_update
Depends on:
Blocks:
Reported: 2016-07-25 20:15 CEST by David Walser
Modified: 2016-09-16 11:28 CEST

See Also:
Source RPM: perl-DBD-mysql-4.32.0-3.mga6.src.rpm
CVE:
Status comment:



Description David Walser 2016-07-25 20:15:26 CEST
A security issue in perl-DBD-mysql has been reported:
http://openwall.com/lists/oss-security/2016/07/25/13

It is fixed in 4.034 and a patch is linked in the message above.

Mageia 5 is also affected.
David Walser 2016-07-25 20:15:39 CEST

CC: (none) => guillomovitch, mageia

David Walser 2016-07-25 20:16:05 CEST

Whiteboard: (none) => MGA5TOO

Comment 1 David Walser 2016-07-27 16:10:11 CEST
CVE-2015-8949 has been assigned:
http://openwall.com/lists/oss-security/2016/07/27/1

Summary: perl-DBD-mysql new use-after-free security issue => perl-DBD-mysql new use-after-free security issue (CVE-2015-8949)

Comment 2 David Walser 2016-07-27 18:46:15 CEST
CVE-2014-9906 assigned for an issue fixed in 4.029 (Mageia 5 has 4.028):
http://openwall.com/lists/oss-security/2016/07/27/6

Commit to fix it also linked in the message above.

Summary: perl-DBD-mysql new use-after-free security issue (CVE-2015-8949) => perl-DBD-mysql new use-after-free security issues (CVE-2014-9906 and CVE-2015-8949)

Comment 3 David Walser 2016-07-30 10:49:40 CEST
perl-DBD-mysql-4.35.0-1.mga6 uploaded for Cauldron by Guillaume.

Version: Cauldron => 5
Whiteboard: MGA5TOO => (none)

Comment 4 David Walser 2016-08-08 21:17:21 CEST
Debian has issued an advisory for this on July 29:
https://www.debian.org/security/2016/dsa-3635

URL: (none) => http://lwn.net/Vulnerabilities/695956/

Comment 5 David Walser 2016-08-11 23:50:49 CEST
Patched package submitted for Mageia 5.

Advisory:
========================

Updated perl-DBD-mysql package fixes security vulnerabilities:

Two use-after-free vulnerabilities were discovered in DBD::mysql. A remote
attacker can take advantage of these flaws to cause a denial-of-service against
an application using DBD::mysql (application crash), or potentially to execute
arbitrary code with the privileges of the user running the application
(CVE-2014-9906, CVE-2015-8949).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8949
https://www.debian.org/security/2016/dsa-3635
========================

Updated packages in core/updates_testing:
========================
perl-DBD-mysql-4.28.0-3.1.mga5

from perl-DBD-mysql-4.28.0-3.1.mga5.src.rpm

Assignee: jquelin => qa-bugs
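
The comments above give two different fix thresholds (CVE-2014-9906 fixed upstream in 4.029, CVE-2015-8949 in 4.034) while the Mageia 5 package that actually closes the bug still reports version 4.28.0, because the fixes were backported. The following Python is an added example, not part of this bug report or of Mageia's tooling: it checks a DBD::mysql version against both thresholds and consults the rpm release for the known backport, so that a plain version comparison does not misreport perl-DBD-mysql-4.28.0-3.1.mga5 as vulnerable. The mapping from Mageia's three-part version to upstream's decimal version (4.28.0 to 4.028) and the rule that later releases of the same version keep the backport are assumptions inferred from the package names on this page.

```python
"""Version check for the two DBD::mysql use-after-free CVEs in this bug.

Added example; not part of the bug report or of Mageia's packaging tools.
"""
import re
from decimal import Decimal
from typing import Dict, List, Tuple

# Upstream releases that first carried each fix, as stated in Comments 1 and 2.
FIXED_IN: Dict[str, str] = {
    "CVE-2014-9906": "4.029",
    "CVE-2015-8949": "4.034",
}

# Distribution builds known from this bug to carry backported fixes although
# their upstream version is below the thresholds above.
# (distro tag, rpm version) -> minimum patched rpm release.
BACKPORTED: Dict[Tuple[str, str], Tuple[int, ...]] = {
    ("mga5", "4.28.0"): (3, 1),  # perl-DBD-mysql-4.28.0-3.1.mga5 (Comment 5)
}

_PERL_VERSION = re.compile(r"^(\d+)\.(\d+)(?:_(\d+))?$")
_MAGEIA_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)$")
_RELEASE = re.compile(r"^([\d.]+)\.(mga\d+)$")


def parse_perl_version(v: str) -> Decimal:
    """Turn a decimal Perl module version ('4.028', '4.033_01') into a Decimal.

    Perl compares such versions numerically and treats a '_01' dev suffix as
    extra digits, so 4.028 < 4.029 < 4.033_01 < 4.034. Decimal avoids the
    rounding a float comparison could introduce.
    """
    m = _PERL_VERSION.match(v.strip())
    if not m:
        raise ValueError(f"unrecognised DBD::mysql version: {v!r}")
    major, frac, dev = m.groups()
    return Decimal(f"{major}.{frac}{dev or ''}")


def upstream_from_mageia(rpm_version: str) -> str:
    """Map Mageia's three-part version back to upstream's decimal form.

    Assumption inferred from the pairings visible in this bug:
    4.28.0 <-> 4.028, 4.32.0 <-> 4.032, 4.35.0 <-> 4.035. Only the '.0'
    third component seen on the page is handled.
    """
    m = _MAGEIA_VERSION.match(rpm_version.strip())
    if not m or m.group(3) != "0":
        raise ValueError(f"unrecognised Mageia perl-DBD-mysql version: {rpm_version!r}")
    major, minor, _ = m.groups()
    return f"{major}.{int(minor):03d}"


def unfixed_cves(upstream_version: str) -> List[str]:
    """CVEs from this bug whose upstream fix is absent at the given version."""
    v = parse_perl_version(upstream_version)
    return [cve for cve, fixed in FIXED_IN.items() if v < parse_perl_version(fixed)]


def assess_rpm(nvr: str) -> Dict[str, object]:
    """Assess a Mageia NVR such as 'perl-DBD-mysql-4.28.0-3.1.mga5'.

    A bare version check flags every 4.28.0 build, but release 3.1.mga5
    carries the backport, so the rpm release is consulted as well.
    Assumption: later releases of the same version keep the backport.
    """
    name, version, release = nvr.rsplit("-", 2)
    if name != "perl-DBD-mysql":
        raise ValueError(f"not a perl-DBD-mysql package: {nvr!r}")
    rm = _RELEASE.match(release)
    if not rm:
        raise ValueError(f"unrecognised Mageia release: {release!r}")
    rel_parts = tuple(int(p) for p in rm.group(1).split("."))
    distro = rm.group(2)
    upstream = upstream_from_mageia(version)
    by_version = unfixed_cves(upstream)
    patched_rel = BACKPORTED.get((distro, version))
    backported = patched_rel is not None and rel_parts >= patched_rel
    return {
        "upstream_version": upstream,
        "unfixed_by_version": by_version,
        "vulnerable": bool(by_version) and not backported,
    }


if __name__ == "__main__":
    # Package names taken from this bug; the pre-update 4.28.0-3.mga5 is implied
    # by the 3.1 release of the fix.
    for pkg in ("perl-DBD-mysql-4.28.0-3.mga5", "perl-DBD-mysql-4.28.0-3.1.mga5",
                "perl-DBD-mysql-4.32.0-3.mga6", "perl-DBD-mysql-4.35.0-1.mga6"):
        print(pkg, assess_rpm(pkg))
```

On a Mageia host the NVR to feed in comes from `rpm -q perl-DBD-mysql`; for a non-packaged install, `perl -MDBD::mysql -e 'print $DBD::mysql::VERSION'` gives the upstream version for `unfixed_cves` directly, with no backport table to consult.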

Comment 6 Dave Hodgins 2016-09-07 04:15:08 CEST
Validating based on the update installing cleanly.

Keywords: (none) => validated_update
Whiteboard: (none) => advisory, MGA5-32-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 7 Mageia Robot 2016-09-16 11:28:02 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0300.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED
