Debian DLA-2386-1 : libdbi-perl security update

Several vulnerabilities were discovered in the Perl5 Database Interface DBI. An attacker could trigger a denial of service DoS and possibly execute arbitrary code. CVE-2019-20919 The hvfetch documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls...

[SECURITY] [DLA 2386-1] libdbi-perl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2386-1 [email protected] https://www.debian.org/lts/security/ September 28, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

DBD::mysql: Multiple vulnerabilities

Background MySQL driver for the Perl5 Database Interface DBI Description Multiple vulnerabilities have been discovered in DBD::mysql. Please review the CVE identifiers referenced below for details. Impact An attacker could cause a Denial of Service condition, execute arbitrary code, or have other...

p5-DBI -- insecure temporary file creation vulnerability

Javier Fernández-Sanguino Peña reports: The DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library...