[debian-mysql] Bug#687484: Bug#687484: Status of CVE-2012-4414: SQL injection
Norvald H. Ryeng
norvald.ryeng at oracle.com
Tue Sep 30 08:20:59 UTC 2014
On Tue, 30 Sep 2014 08:19:26 +0200, Henri Salo <henri at nerv.fi> wrote:
> What is current status of CVE-2012-4414? Information about the issue in
> http://www.openwall.com/lists/oss-security/2012/09/11/4
>
> Marked as grave and security without any comments from maintainers.
> Plans to
> patch this issue? If not could you please give reasoning, thank you.
This issue was fixed as CVE-2013-0375 in MySQL 5.1.67 and 5.5.29 [1].
CVE-2013-0375 and CVE-2012-4414 are equivalent.
Regards,
Norvald H. Ryeng
[1]
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html#AppendixMSQL
More information about the pkg-mysql-maint
mailing list