Bug 529321 (CVE-2009-2942)
Summary: | CVE-2009-2942 ocaml-mysql: Missing escape function (DSA-1910-1) | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | rjones | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://www.debian.org/security/2009/dsa-1910 | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2009-10-16 10:55:57 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Jan Lieskovsky
2009-10-16 08:26:24 UTC
This issue affects the version of ocaml-mysql package, as shipped with Fedora releases of 10 and 11. Please fix. Created attachment 365024 [details]
Local copy of relevant bits from ocaml-mysql-CVE-2009-2942-lenny.patch
Built for dist-f13, F12, F11, F10. Same problem as before associating this BZ with the update: $ make update [...] Creating a new update for ocaml-mysql-1.0.4-8.fc11.1 Password for rjones: Creating a new update for ocaml-mysql-1.0.4-8.fc11.1 Update successfully created. Unable to access one or more bugs: <Fault 411: 'Password Expired'> ================================================================================ ocaml-mysql-1.0.4-8.fc11.1 ================================================================================ Release: Fedora 11 Status: pending Type: security Karma: 0 Request: testing Notes: Patch for CVE 2009-2942 Missing escape function (RHBZ#529321). Submitter: rjones Submitted: 2009-10-16 10:54:54 https://admin.fedoraproject.org/updates/ocaml-mysql-1.0.4-8.fc11.1 (In reply to comment #3) > Unable to access one or more bugs: <Fault 411: 'Password Expired'> https://fedorahosted.org/fedora-infrastructure/ticket/1737 ocaml-mysql-1.0.4-3.fc10.1 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. ocaml-mysql-1.0.4-8.fc11.1 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. |