Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c)
From: Tomas Hoger <thoger () redhat com>
Date: Wed, 27 Jun 2012 13:47:05 +0200

On Mon, 18 Jun 2012 18:50:01 +0200 Tomas Hoger wrote:

Additionally, following bugs try to collect info on MySQL security
fixes in the last released and an upcoming Oracle CPU:

https://bugzilla.redhat.com/show_bug.cgi?id=832477
https://bugzilla.redhat.com/show_bug.cgi?id=832540

It would be nice if Oracle could confirm the mapping between CVEs and
particular issues to avoid any incorrect guesses.

I was really hoping to see some comments form Oracle security team and
an explicit confirmation of the correct CVE guesses.  Is there a good
reason why CVE mapping for public issues can not be provided?

Thank you!

-- 
Tomas Hoger / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault