Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 970096@bugs.debian.org, Salvatore Bonaccorso <carnil@debian.org>
Subject: Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1
From: Xavier <yadd@debian.org>
Date: Thu, 17 Sep 2020 22:23:46 +0200
Message-id: <[🔎] fe6b08b0-eff4-d90e-ba17-ee0042c607ad@debian.org>
Reply-to: Xavier <yadd@debian.org>, 970096@bugs.debian.org
In-reply-to: <[🔎] aade6d707245f0a7e9701d9e5d83f206e4175574.camel@adam-barratt.org.uk>
References: <[🔎] 159984012099.89916.13355953097485186296.reportbug@deb007.xnr.fr> <[🔎] 20200911193850.GA280790@eldamar.local> <[🔎] 291c126e-82b6-b742-ff90-d06d289ee98c@debian.org> <[🔎] 159984012099.89916.13355953097485186296.reportbug@deb007.xnr.fr> <[🔎] 1f6fcb5e-977d-aece-bfc2-e01ec487b0a0@debian.org> <[🔎] aade6d707245f0a7e9701d9e5d83f206e4175574.camel@adam-barratt.org.uk> <[🔎] 159984012099.89916.13355953097485186296.reportbug@deb007.xnr.fr>

Le 17/09/2020 à 21:26, Adam D. Barratt a écrit :
> Control: tags -1 + confirmed
> 
> On Sat, 2020-09-12 at 08:50 +0200, Xavier wrote:
>>
> 
> +libdbi-perl (1.642-1+deb10u1) buster; urgency=medium
> +
> +  * Fix memory corruption in XS functions when Perl stack is reallocated
> +    (Closes: CVE-2020-14392)
> +  * Fix a buffer overflow on an overlong DBD class name
> +    (Closes: CVE-2020-14393)
> +
> + -- Xavier Guimard <yadd@debian.org>  Thu, 10 Sep 2020 10:04:13 +0200
> 
> Please go ahead.
> 
> Regards,
> 
> Adam

Hi,

I'm going to try to add also this patch (for CVE-2019-20919:
https://github.com/perl5-dbi/dbi/commit/eca7d7c8f

I'll push a new debdiff after tests

Cheers,
Xavier

Reply to:

Follow-Ups:
- Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1
  - From: Xavier <yadd@debian.org>

References:
- Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1
  - From: Xavier Guimard <yadd@debian.org>
- Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1
  - From: Xavier <yadd@debian.org>
- Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1
  - From: Xavier <yadd@debian.org>
- Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Re: Bug#968296: buster-pu: calamares-settings-debian 10.0.20-1+deb10u4
Next by Date: Bug#968296: calamares-settings-debian 10.0.20-1+deb10u4 flagged for acceptance
Previous by thread: Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1
Next by thread: Bug#970096: buster-pu: package libdbi-perl/1.642-1+deb10u1
Index(es):
- Date
- Thread