Fedora Account System
Red Hat Associate
Red Hat Customer
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million placeholders. DBI version 1.650 sets a hard limit of 99,999 placeholders.
FEDORA-2026-9fdda5018f (perl-DBI-1.650-1.fc44) has been submitted as an update to Fedora 44. https://bodhi.fedoraproject.org/updates/FEDORA-2026-9fdda5018f
FEDORA-2026-71d7e4d1da (perl-DBI-1.650-1.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2026-71d7e4d1da
FEDORA-2026-9fdda5018f (perl-DBI-1.650-1.fc44) has been pushed to the Fedora 44 stable repository. If problem still persists, please make note of it in this bug report.