Name | CVE-2016-2047 |
Description | The ssl_verify_server_cert function in sql-common/client.c in MariaDB ... |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more) |
References | DLA-447-1, DSA-3453-1, DSA-3557-1 |
Debian Bugs | 821094, 821100 |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
mariadb-10.0 | source | jessie | 10.0.23-0+deb8u1 | DSA-3453-1 | ||
mariadb-10.0 | source | (unstable) | 10.0.23-1 | |||
mysql-5.5 | source | wheezy | 5.5.49-0+deb7u1 | DLA-447-1 | ||
mysql-5.5 | source | jessie | 5.5.49-0+deb8u1 | DSA-3557-1 | ||
mysql-5.5 | source | (unstable) | (unfixed) | 821100 | ||
mysql-5.6 | source | (unstable) | 5.6.30-1 | 821094 |
https://mariadb.atlassian.net/browse/MDEV-9212
https://github.com/MariaDB/server/commit/f0d774d48416bb06063184380b684380ca005a41
[squeeze] - mysql-5.5 <no-dsa> (will be fixed along with an upcoming Oracle CPU)
http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html