CVE-2009-2942
Published: 22 October 2009
The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
Priority
Status
Package | Release | Status |
---|---|---|
mysql-ocaml
Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Released
(1.0.4-4+lenny1build0.8.04.1)
|
|
intrepid |
Released
(1.0.4-4+lenny1build0.8.10.1)
|
|
jaunty |
Released
(1.0.4-4+lenny1build0.9.04.1)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Not vulnerable
(1.0.4-7)
|
|
maverick |
Not vulnerable
(1.0.4-7)
|
|
natty |
Not vulnerable
(1.0.4-7)
|
|
upstream |
Released
(1.0.4-7)
|
|
Patches:
vendor: http://www.debian.org/security/2009/dsa-1910 |