| Name | CVE-2014-0001 |
| Description | Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string. |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DLA-75-1, DSA-2919-1 |
| Debian Bugs | 737596, 737597 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| mariadb-5.5 | source | (unstable) | 5.5.35-1 | low | 737597 | |
| mysql-5.1 | source | squeeze | 5.1.73-1+deb6u1 | DLA-75-1 | ||
| mysql-5.1 | source | (unstable) | (unfixed) | low | ||
| mysql-5.5 | source | wheezy | 5.5.37-0+wheezy1 | DSA-2919-1 | ||
| mysql-5.5 | source | (unstable) | 5.5.37-1 | low | 737596 | |
| percona-xtradb-cluster-5.5 | source | (unstable) | 5.5.37-25.10+dfsg-1 |
[squeeze] - mysql-5.1 <no-dsa> (Minor issue, currently not fixed in MySQL, can be included once fixed in 5.1.x)
https://bugzilla.redhat.com/show_bug.cgi?id=1054592
http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64