[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

BACKRONYM and CVE-2017-3305

Hi LTS team and Security team

I have started to look into CVE-2017-3305. As I understand both stable
and oldstable are unaffected by this vulnerability. The reason is that this is
an amendment of the correction for the BACKRONYM vulnerability.

What I do not understand however is whether mysql is vulnerable to the
backronym vulnerability or not.

I can not find any CVE for the BACKRONYM vulnerability. Or rather I can find it but that one is only for mariadb and percona https://security-tracker.debian.org/tracker/CVE-2015-3152.

Do any of you know whether the BACKRONYM has been fixed in mysql-5.5?
I thought I should ask before actually trying to reproduce it.

Best regards

// Ola

 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola@inguza.com                    Folkebogatan 26            \
|  opal@debian.org                   654 68 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /

Reply to: