mailing list archives
Re: MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c)
From: Tomas Hoger <thoger () redhat com>
Date: Wed, 27 Jun 2012 13:47:05 +0200
On Mon, 18 Jun 2012 18:50:01 +0200 Tomas Hoger wrote:
Additionally, following bugs try to collect info on MySQL security
fixes in the last released and an upcoming Oracle CPU:
It would be nice if Oracle could confirm the mapping between CVEs and
particular issues to avoid any incorrect guesses.
I was really hoping to see some comments form Oracle security team and
an explicit confirmation of the correct CVE guesses. Is there a good
reason why CVE mapping for public issues can not be provided?
Tomas Hoger / Red Hat Security Response Team