oss-sec mailing list archives
Re: MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c)
From: Tomas Hoger <thoger () redhat com>
Date: Wed, 27 Jun 2012 13:47:05 +0200
On Mon, 18 Jun 2012 18:50:01 +0200 Tomas Hoger wrote:
Additionally, following bugs try to collect info on MySQL security fixes in the last released and an upcoming Oracle CPU: https://bugzilla.redhat.com/show_bug.cgi?id=832477 https://bugzilla.redhat.com/show_bug.cgi?id=832540 It would be nice if Oracle could confirm the mapping between CVEs and particular issues to avoid any incorrect guesses.
I was really hoping to see some comments form Oracle security team and an explicit confirmation of the correct CVE guesses. Is there a good reason why CVE mapping for public issues can not be provided? Thank you! -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- Security vulnerability in MySQL/MariaDB sql/password.c Sergei Golubchik (Jun 09)
- Re: MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c) Tomas Hoger (Jun 18)
- Re: MySQL CVEs Kurt Seifried (Jun 19)
- Re: MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c) Tomas Hoger (Jun 27)
- Re: MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c) Tomas Hoger (Jun 18)