Devel::CheckLib failing on valid config. #109

Closed
toddr opened this issue Mar 16, 2017 · 13 comments

toddr commented Mar 16, 2017

Previously working and bisected to the introduction of Devel::CheckLib in 9eda4cc

I'm using the mariadb-native-client modules for linking from mysql.so.

perl Makefile.PL INSTALLDIRS=vendor --mysql_config=/usr/local/cpanel/3rdparty/bin/mariadb_config

When I run, I get:

/usr/local/cpanel/3rdparty/perl/524/bin/perl Makefile.PL INSTALLDIRS=vendor --mysql_config=/usr/local/cpanel/3rdparty/bin/mariadb_config --testuser=root --testsocket=/var/lib/mysql/mysql.sock
/usr/local/cpanel/3rdparty/bin/mariadb_config: unrecognized option '--embedded'
I will use the following settings for compiling and testing:

  cflags        (mysql_config ) = -I/usr/local/cpanel/3rdparty/include/mariadb -Wunused -Wno-uninitialized
  embedded      (guessed      ) = 
  ldflags       (guessed      ) = 
  libs          (mysql_config ) = -L/usr/local/cpanel/3rdparty/lib64/mariadb -lmariadb -lpthread -lssl -ldl -lm
  mysql_config  (User's choice) = /usr/local/cpanel/3rdparty/bin/mariadb_config
  nocatchstderr (default      ) = 0
  nofoundrows   (default      ) = 0
  nossl         (default      ) = 0
  testdb        (default      ) = test
  testhost      (default      ) = 
  testpassword  (default      ) = 
  testport      (default      ) = 
  testsocket    (User's choice) = /var/lib/mysql/mysql.sock
  testuser      (User's choice) = root

To change these settings, see 'perl Makefile.PL --help' and
'perldoc DBD::mysql::INSTALL'.

Checking if libs are available for compiling...
/home/rpmbuild/rpm-build/BUILD/DBD-mysql-4.042/assertlibLotOK4qE: error while loading shared libraries: libmariadb.so.1: cannot open shared object file: No such file or directory
wrong result: 'mariadb'

toddr commented Mar 16, 2017

Patching out Devel::CheckLib works for me. I suspect whatever is processing --mysql_config isn't making it into the check? I'll investigate.

Member

pali commented Mar 16, 2017

> I'm using the mariadb-native-client modules for linking from mysql.so.

Which version? Some versions of MariaDB are known to be broken, see reported bug: https://jira.mariadb.org/browse/MDEV-12056

> libs (mysql_config ) = -L/usr/local/cpanel/3rdparty/lib64/mariadb -lmariadb -lpthread -lssl -ldl -lm
> /home/rpmbuild/rpm-build/BUILD/DBD-mysql-4.042/assertlibLotOK4qE: error while loading shared libraries: libmariadb.so.1: cannot open shared object file: No such file or directory

Which means that the library libmariadb.so.1, expanded from the param -lmariadb, is not available in the system lib directories (/lib /usr/lib/ ...) and also not in /usr/local/cpanel/3rdparty/lib64/mariadb specified by your mysql_config script /usr/local/cpanel/3rdparty/bin/mariadb_config.

So recheck where you have your libmariadb.so stored, if it is a correct symlink and if the script supplied the correct path...


toddr commented Mar 16, 2017

$>ls -ld /usr/local/cpanel/3rdparty/lib64/mariadb/libmariadb.so.1
-rwxr-xr-x 1 root root 1269985 Nov 20  2015 /usr/local/cpanel/3rdparty/lib64/mariadb/libmariadb.so.1

Member

pali commented Mar 16, 2017

Please add the debug => 1 option to the assert_lib() call in Makefile.PL. It should provide verbose debug output.


toddr commented Mar 17, 2017

I think it's compiling but then it's an rpath issue when it runs the test binary, right?

perl Makefile.PL INSTALLDIRS=vendor --mysql_config=/usr/local/cpanel/3rdparty/bin/mariadb_config --testuser=root --testsocket=/var/lib/mysql/mysql.sock
/usr/local/cpanel/3rdparty/bin/mariadb_config: unrecognized option '--embedded'
I will use the following settings for compiling and testing:

  cflags        (mysql_config ) = -I/usr/local/cpanel/3rdparty/include/mariadb -Wunused -Wno-uninitialized
  embedded      (guessed      ) = 
  ldflags       (guessed      ) = 
  libs          (mysql_config ) = -L/usr/local/cpanel/3rdparty/lib64/mariadb -lmariadb -lpthread -lssl -ldl -lm
  mysql_config  (User's choice) = /usr/local/cpanel/3rdparty/bin/mariadb_config
  nocatchstderr (default      ) = 0
  nofoundrows   (default      ) = 0
  nossl         (default      ) = 0
  testdb        (default      ) = test
  testhost      (default      ) = 
  testpassword  (default      ) = 
  testport      (default      ) = 
  testsocket    (User's choice) = /var/lib/mysql/mysql.sock
  testuser      (User's choice) = root

To change these settings, see 'perl Makefile.PL --help' and
'perldoc DBD::mysql::INSTALL'.

Checking if libs are available for compiling...
# Compiler seems to be /usr/bin/gcc
# /usr/bin/gcc -DPERL_DISABLE_PMC -fPIC -DPIC -I/usr/local/cpanel/3rdparty/perl/524/include -L/usr/local/cpanel/3rdparty/perl/524/lib64 -I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib64 -m64 -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -Wl,-rpath -Wl,/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/lib64 -L/lib64 -lgdbm -fstack-protector-strong -L/usr/local/lib assertlibwuDdalOF.c -o assertlib1EVZDSxX -L/usr/local/cpanel/3rdparty/lib64/mariadb -lmariadb
/home/rpmbuild/rpm-build/BUILD/DBD-mysql-4.042/assertlib1EVZDSxX: error while loading shared libraries: libmariadb.so.1: cannot open shared object file: No such file or directory
# /usr/bin/gcc -DPERL_DISABLE_PMC -fPIC -DPIC -I/usr/local/cpanel/3rdparty/perl/524/include -L/usr/local/cpanel/3rdparty/perl/524/lib64 -I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib64 -m64 -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -Wl,-rpath -Wl,/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/lib64 -L/lib64 -lgdbm -fstack-protector-strong -L/usr/local/lib assertlibwuDdalOF.c -o assertlibwTXP7XuF -L/usr/local/cpanel/3rdparty/lib64/mariadb -lpthread
# /usr/bin/gcc -DPERL_DISABLE_PMC -fPIC -DPIC -I/usr/local/cpanel/3rdparty/perl/524/include -L/usr/local/cpanel/3rdparty/perl/524/lib64 -I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib64 -m64 -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -Wl,-rpath -Wl,/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/lib64 -L/lib64 -lgdbm -fstack-protector-strong -L/usr/local/lib assertlibwuDdalOF.c -o assertlibJNiLZYZS -L/usr/local/cpanel/3rdparty/lib64/mariadb -lssl
# /usr/bin/gcc -DPERL_DISABLE_PMC -fPIC -DPIC -I/usr/local/cpanel/3rdparty/perl/524/include -L/usr/local/cpanel/3rdparty/perl/524/lib64 -I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib64 -m64 -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -Wl,-rpath -Wl,/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/lib64 -L/lib64 -lgdbm -fstack-protector-strong -L/usr/local/lib assertlibwuDdalOF.c -o assertlibDSKURBCW -L/usr/local/cpanel/3rdparty/lib64/mariadb -ldl
# /usr/bin/gcc -DPERL_DISABLE_PMC -fPIC -DPIC -I/usr/local/cpanel/3rdparty/perl/524/include -L/usr/local/cpanel/3rdparty/perl/524/lib64 -I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib64 -m64 -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -Wl,-rpath -Wl,/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/lib64 -L/lib64 -lgdbm -fstack-protector-strong -L/usr/local/lib assertlibwuDdalOF.c -o assertlibiLBv3hMt -L/usr/local/cpanel/3rdparty/lib64/mariadb -lm
wrong result: 'mariadb'


toddr commented Mar 17, 2017

$> echo "int main(int argc, char *argv[]) { return 0; }"  > foo.c

$> /usr/bin/gcc -DPERL_DISABLE_PMC -fPIC -DPIC -I/usr/local/cpanel/3rdparty/perl/524/include -L/usr/local/cpanel/3rdparty/perl/524/lib64 -I/usr/local/cpanel/3rdparty/include -L/usr/local/cpanel/3rdparty/lib64 -m64 -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -Wl,-rpath -Wl,/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/lib64 -L/lib64 -lgdbm -fstack-protector-strong -L/usr/local/lib foo.c -o foo -L/usr/local/cpanel/3rdparty/lib64/mariadb -lmariadb
$> ./foo
./foo: error while loading shared libraries: libmariadb.so.1: cannot open shared object file: No such file or directory
$> ldd foo
	linux-vdso.so.1 =>  (0x00007fff6e5fe000)
	libgdbm.so.4 => /lib64/libgdbm.so.4 (0x00007f3c91330000)
	libmariadb.so.1 => not found
	libc.so.6 => /lib64/libc.so.6 (0x00007f3c90f6e000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f3c91548000)


toddr commented Mar 17, 2017

This works:

$> export LD_LIBRARY_PATH=/usr/local/cpanel/3rdparty/lib64/mariadb
$> ./foo
$> ldd foo
	linux-vdso.so.1 =>  (0x00007fffa1b31000)
	libgdbm.so.4 => /lib64/libgdbm.so.4 (0x00007f12ee242000)
	libmariadb.so.1 => /usr/local/cpanel/3rdparty/lib64/mariadb/libmariadb.so.1 (0x00007f12edfee000)
	libc.so.6 => /lib64/libc.so.6 (0x00007f12edc2d000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f12eda11000)
	libdl.so.2 => /lib64/libdl.so.2 (0x00007f12ed80c000)
	libssl.so.10 => /lib64/libssl.so.10 (0x00007f12ed5a0000)
	libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007f12ed1bb000)
	libm.so.6 => /lib64/libm.so.6 (0x00007f12eceb8000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f12ee45a000)
	libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f12ecc6e000)
	libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f12ec98e000)
	libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f12ec789000)
	libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f12ec554000)
	libz.so.1 => /lib64/libz.so.1 (0x00007f12ec33e000)
	libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f12ec12f000)
	libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f12ebf2b000)
	libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f12ebd11000)
	libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f12ebae9000)
	libpcre.so.1 => /lib64/libpcre.so.1 (0x00007f12eb888000)


toddr commented Mar 17, 2017

This is starting to look like a bug in Devel::CheckLib. I notice that when I get past this and run make, it sets LD_RUN_PATH, which Devel::CheckLib doesn't seem to be doing?

rm -f blib/arch/auto/DBD/mysql/mysql.so
LD_RUN_PATH="/usr/local/cpanel/3rdparty/lib64/mariadb:/lib64" /usr/bin/gcc  -shared -Os -L/usr/local/cpanel/3rdparty/perl/524/lib64 -L/usr/local/cpanel/3rdparty/lib64 -L/usr/lib64 -L/lib64 -L/usr/local/lib -fstack-protector-strong dbdimp.o mysql.o socket.o  -o blib/arch/auto/DBD/mysql/mysql.so 	\
   -L/usr/local/cpanel/3rdparty/lib64/mariadb -lmariadb -lpthread -lssl -ldl -lm  	\


toddr commented Mar 17, 2017

Looks like @salva beat me to the analysis: mattn/p5-Devel-CheckLib#19

Member

pali commented Mar 17, 2017

From your output it is for sure a problem with rpath. And really, the path specified in env LD_RUN_PATH for gcc is stored in the output ELF binary as RPATH.

So I think it is a bug in Devel::CheckLib too.

But we could work around it and set the LD_RUN_PATH env in perl before calling assert_lib().

Do you have an idea how to make or makemaker fill LD_RUN_PATH?


toddr commented Mar 17, 2017

EU::MM works fine. Devel::CheckLib is just reporting failure when there is none.

Member

pali commented Mar 17, 2017

Yes, EU::MM works fine, but if you find out how EU::MM fills the LD_RUN_PATH env, then we can use the same algorithm also for Devel::CheckLib or for setting $ENV{LD_RUN_PATH} before calling assert_lib().

Member

pali commented Apr 15, 2017

It should be fixed in Devel::CheckLib 1.08. In CHANGES is:

1.08    2017-03-18      Add $LD_RUN_PATH for the libs.
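
The distinction this thread turns on (the linker finds libmariadb through -L, but the loader cannot find libmariadb.so.1 at run time) can be checked mechanically. The script below is an added example, not code from the thread or from Devel::CheckLib; the function names are made up for the illustration, and the demo input is the flag string and ldd output posted above.

```shell
#!/bin/sh
# Added example: tell "library is not installed" apart from
# "library is installed but not on the run-time search path".
# Function names are hypothetical; they are not part of any tool in the thread.

# Print the absolute -L directories of a linker flag string, one per line.
# Relative -L entries are skipped on purpose: a run path should only ever
# contain absolute directories. Directories containing spaces are not handled.
lib_dirs_from_flags() {
    for tok in $1; do
        case $tok in
            -L/*) printf '%s\n' "${tok#-L}" ;;
        esac
    done
}

# Read `ldd` output on stdin and print every soname reported as "not found".
ldd_not_found() {
    awk '$2 == "=>" && $3 == "not" && $4 == "found" { print $1 }'
}

# classify_missing FLAGS   (ldd output on stdin)
# For each unresolved soname print
#   rpath  <soname> <dir>   the file exists in a -L directory, so linking
#                           worked and only the run-time search path is wrong
#   absent <soname>         the file is in none of the -L directories
classify_missing() {
    flags=$1
    ldd_not_found | while read -r soname; do
        hit=
        for dir in $(lib_dirs_from_flags "$flags"); do
            if [ -e "$dir/$soname" ]; then
                hit=$dir
                break
            fi
        done
        if [ -n "$hit" ]; then
            printf 'rpath %s %s\n' "$soname" "$hit"
        else
            printf 'absent %s\n' "$soname"
        fi
    done
}

# Demo with the libs line and the first ldd output from this thread.
# On a host where libmariadb.so.1 sits in that directory the result is an
# "rpath" line; on any other host it is "absent libmariadb.so.1".
LIBS='-L/usr/local/cpanel/3rdparty/lib64/mariadb -lmariadb -lpthread -lssl -ldl -lm'
classify_missing "$LIBS" <<'EOF'
    linux-vdso.so.1 =>  (0x00007fff6e5fe000)
    libgdbm.so.4 => /lib64/libgdbm.so.4 (0x00007f3c91330000)
    libmariadb.so.1 => not found
    libc.so.6 => /lib64/libc.so.6 (0x00007f3c90f6e000)
    /lib64/ld-linux-x86-64.so.2 (0x00007f3c91548000)
EOF
```

An "rpath" result means the check binary needs a run path (RPATH via LD_RUN_PATH or an explicit linker option) rather than a different -L, which is the conclusion reached in the comments above.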

mbeijen added a commit that referenced this issue Apr 15, 2017
mbeijen added a commit that referenced this issue Apr 16, 2017
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this issue Jul 10, 2017
Upstream changes:
2017-06-29 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.043)

YOUR ATTENTION PLEASE, THIS IS A REVERT TO 4.041
This version is the same as 4.041 with all its bugs and
limitations. In version 4.042 there were some changes to Unicode handling
that turned out to be causing issues with existing implementations.
While it is possible to argue that the old behaviour was wrong and buggy,
lots of applications and scripts were depending on this behaviour so it
is NOT a good idea to change this.

There were lots of commits since 4.041, we'll add those back bit by bit
in a future release, excluding the ones which cause problems.


2017-??-?? Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042_01)
* Use Devel::CheckLib 1.09 or newer, fixes
   perl5-dbi/DBD-mysql#109
* Improve CI testing on AppVeyor: caching, path to cpan, configure deps (pali)
* Specify bigint as test dependency.

2017-03-08 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042)
* Full release to include development releases 4.041_2 and 4.041_1.

2017-02-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_2)
* Statement handle now also has mysql_sock attribute, just as database handle.
  (by Pali)
* Fix type conversions for magic types. Issue reported by Dmitriy Yatsenko and
  Giovanni Bechis, fix by Pali.
    https://lists.amavis.org/pipermail/amavis-users/2016-December/004674.html
    perl5-dbi/DBD-mysql#78
* Fix UTF8-encoding of table names, field names, warnings and error messages.
  Reported by Tanabe Yoshinori, fix by Pali.
    https://rt.cpan.org/Public/Bug/Display.html?id=120141
* Fix mysql_auto_reconnect when using mysql_server_prepare (pali). Reported by
  Vladimir Marek.
    perl5-dbi/DBD-mysql#95
* Improve regex for removing database from dsn (pali)
    https://rt.cpan.org/Public/Bug/Display.html?id=118837
* Locate MySQL libs using Devel::CheckLib (pali)
* Support async on Windows (pali)

* Fix test suite on range of older and newer MySQL and MariaDB versions
   (perl5-dbi/DBD-mysql#87)
* Fix compilation on MySQL 4.1 (pali)
* Do not leak dangling pointer to mysql result (pali)
* Fix logic when assigning to variable bind_comment_placeholders (pali)
* mysql_fd() still returned file descriptor after closing connection.
  Reported by Larry Leszczynski, fixed by Pali Rohár.
   (https://rt.cpan.org/Public/Bug/Display.html?id=110983)
* Fix parsing configure libs from mysql_config --libs output in Makefile.PL
  Libraries in mysql_config --libs output can be specified by library name
  with the -l prefix or by absolute path to library name without any prefix.
  Parameters must start with a hyphen, so treat all options without leading
  hyphen in mysql_config --libs output as libraries with full path.
  Partially fixes bug https://rt.cpan.org/Public/Bug/Display.html?id=100898
  Fix by Pali Rohár.
* Fix support for magic scalars (pali)
   (perl5-dbi/DBD-mysql#76)

2016-12-12 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_1)
* Unicode fixes: when using mysql_enable_utf8 or mysql_enable_utf8mb4,
  previous versions of DBD::mysql did not properly encode input statements
  to UTF-8 and retrieved columns were always UTF-8 decoded regardless of the
  column charset.
  Fix by Pali Rohár.
  Reported and feedback on fix by Marc Lehmann
  (https://rt.cpan.org/Public/Bug/Display.html?id=87428)
  Also, the UTF-8 flag was not set for decoded data:
  (https://rt.cpan.org/Public/Bug/Display.html?id=53130)
* Return INTs with ZEROFILL as strings. Reported by Knarf, fix by Pali Rohár.
  (https://rt.cpan.org/Public/Bug/Display.html?id=118977)
derekstraka pushed a commit to derekstraka/meta-openembedded that referenced this issue Jan 26, 2018
Changes:

2017-06-29 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.043)

YOUR ATTENTION PLEASE, THIS IS A REVERT TO 4.041
This version is the same as 4.041 with all its bugs and
limitations. In version 4.042 there were some changes to Unicode handling
that turned out to be causing issues with existing implementations.
While it is possible to argue that the old behaviour was wrong and buggy,
lots of applications and scripts were depending on this behaviour so it
is NOT a good idea to change this.

There were lots of commits since 4.041, we'll add those back bit by bit
in a future release, excluding the ones which cause problems.

2017-??-?? Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042_01)
* Use Devel::CheckLib 1.09 or newer, fixes
   perl5-dbi/DBD-mysql#109
* Improve CI testing on AppVeyor: caching, path to cpan, configure deps (pali)
* Specify bigint as test dependency.

2017-03-08 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042)
* Full release to include development releases 4.041_2 and 4.041_1.

2017-02-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_2)
* Statement handle now also has mysql_sock attribute, just as database handle.
  (by Pali)
* Fix type conversions for magic types. Issue reported by Dmitriy Yatsenko and
  Giovanni Bechis, fix by Pali.
    https://lists.amavis.org/pipermail/amavis-users/2016-December/004674.html
    perl5-dbi/DBD-mysql#78
* Fix UTF8-encoding of table names, field names, warnings and error messages.
  Reported by Tanabe Yoshinori, fix by Pali.
    https://rt.cpan.org/Public/Bug/Display.html?id=120141
* Fix mysql_auto_reconnect when using mysql_server_prepare (pali). Reported by
  Vladimir Marek.
    perl5-dbi/DBD-mysql#95
* Improve regex for removing database from dsn (pali)
    https://rt.cpan.org/Public/Bug/Display.html?id=118837
* Locate MySQL libs using Devel::CheckLib (pali)
* Support async on Windows (pali)

* Fix test suite on range of older and newer MySQL and MariaDB versions
   (perl5-dbi/DBD-mysql#87)
* Fix compilation on MySQL 4.1 (pali)
* Do not leak dangling pointer to mysql result (pali)
* Fix logic when assigning to variable bind_comment_placeholders (pali)
* mysql_fd() still returned file descriptor after closing connection.
  Reported by Larry Leszczynski, fixed by Pali Rohár.
   (https://rt.cpan.org/Public/Bug/Display.html?id=110983)
* Fix parsing configure libs from mysql_config --libs output in Makefile.PL
  Libraries in mysql_config --libs output can be specified by library name
  with the -l prefix or by absolute path to library name without any prefix.
  Parameters must start with a hyphen, so treat all options without leading
  hyphen in mysql_config --libs output as libraries with full path.
  Partially fixes bug https://rt.cpan.org/Public/Bug/Display.html?id=100898
  Fix by Pali Rohár.
* Fix support for magic scalars (pali)
   (perl5-dbi/DBD-mysql#76)

2016-12-12 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_1)
* Unicode fixes: when using mysql_enable_utf8 or mysql_enable_utf8mb4,
  previous versions of DBD::mysql did not properly encode input statements
  to UTF-8 and retrieved columns were always UTF-8 decoded regardless of the
  column charset.
  Fix by Pali Rohár.
  Reported and feedback on fix by Marc Lehmann
  (https://rt.cpan.org/Public/Bug/Display.html?id=87428)
  Also, the UTF-8 flag was not set for decoded data:
  (https://rt.cpan.org/Public/Bug/Display.html?id=53130)
* Return INTs with ZEROFILL as strings. Reported by Knarf, fix by Pali Rohár.
  (https://rt.cpan.org/Public/Bug/Display.html?id=118977)

2016-11-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041)
* Fix use-after-free for repeated fetchrow_arrayref calls when
  mysql_server_prepare=1

  Function dbd_st_fetch() via Renew() can reallocate output buffer for
  mysql_stmt_fetch() call. But it does not update pointer to that buffer in
  imp_sth->stmt structure initialized by mysql_stmt_bind_result() function.
  That leads to use-after-free in any mysql function which access
  imp_sth->stmt structure (e.g. mysql_stmt_fetch()).

  This patch fix this problem and properly updates pointer in imp_sth->stmt
  structure after Renew() call.
  This is a medium level security issue to which the Debian security team
  assigned identifier CVE-2016-1251. Discovered and fixed by Pali Rohár.

* auto_reconnect now also matches  CR_SERVER_LOST, previously this only
  matched CR_SERVER_GONE.
  Fixes http://bugs.mysql.com/bug.php?id=27613
  Fix suggested by Wouter de Jong.
* Fix compilation fixes (Pali Rohár).

2016-11-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.040)
* Since 4.038 we had problems compiling on big-endian architectures, such
  as MIPS, s390 and Sparc. Thanks to Salvatore Bonaccorso @ Debian project
  (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844538)
  and Vladimir Marek (https://rt.cpan.org/Public/Bug/Display.html?id=118835)
  for reporting the issues. Fix by Pali Rohár.

  Fix integer types when server side prepare statements are enabled
  Fixed problems:
  * SQL_BIGINT was incorrectly handled as 32bit MYSQL_TYPE_LONG type instead
    64bit MYSQL_TYPE_LONGLONG which led to integer overflow/underflow
  * 32bit MYSQL_TYPE_LONG was used for perl's IV storage when IV was 64bit
    and 64bit MYSQL_TYPE_LONGLONG was used when IV was 32bit
  * All unsigned types were handled as signed, so all high positive values
    were treated as negative
  * Numeric conversions in perl which led to overflow/underflow was ignored
    even when mysql strict mode was enabled
  * Test t/41int_min_max.t was running only for normal non-prepared statements
  * Test t/40server_prepare.t used incorrect SQL type for big (64bit) integers

2016-11-15 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.039)
* Fix for security issue Out-of-bounds read by DBD::mysql CVE-2016-1249 (pali)

2016-10-30 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038_01)
* Fix compilation of embedded server (pali)
  (perl5-dbi/DBD-mysql#68)
* Fix compilation against libmariadbclient. First version by
  H.Merijn Brand, improved by Bernt Johnsen @ Oracle.
* For efficiency use newSVpvn() instead newSVpv() where possible (pali)
* Correctly coerce fetched scalar values when mysql_server_prepare is
  not used (pali)
* Add support for fetching columns of BIT type with
  mysql_server_prepare = 1 (pali)
  Fixes https://rt.cpan.org/Public/Bug/Display.html?id=88006
* Use correct format in printf instead of casting variable types (pali)
* Include errno.h for MYSQL_ASYNC because it uses errno variable (pali)
* Travis: also test on perl 5.22 and 5.24.

2016-10-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038)
* Version 4.037_1 had fixes for MySQL 8.0 provided
  Bernt Johnsen @ Oracle that were not in the Changelogs
  (perl5-dbi/DBD-mysql#56)
* Fixes for compiling against newer libmysqlclient on Windows (kmx)
* Fix unit test for 40server_prepare_crash on Windows (pali)
* Perl's IV in scalar can store 64bit integer when perl was compiled
  with 64 bit support (default on 64bit linux with gcc). Use this
  feature and stores MYSQL_TYPE_LONGLONG as integers instead of strings
  when possible. (pali, perl5-dbi/DBD-mysql#57)

2016-10-14 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037_01)
* Newest versions of libmysqlclient and the MariaDB C connector no longer
  export the __WIN__ macro. If this macro is not present we would not
  compile in the poll.h-based async-support. Changed to use the _WIN32
  macro instead. Thanks to Sergei Golubchik for suggesting the fix.
* Fix from Pali Rohár for use-after-free in prepared statements,
  changes to bind logic, and added test 40server_prepare_crash.

2016-10-03 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037)
* Security release to patch possible buffer overflow in unsafe sprintf with
  variable length. Reported and fixed by Pali Rohár. This vulnerability
  is present in all releases at least back to versions 3.0 of the
  driver, which were released in 2005.
  The CVE identifier for this vulnerability is CVE-2016-1246.

Signed-off-by: Tim Orling <[email protected]>
Signed-off-by: Armin Kuster <[email protected]>
halstead pushed a commit to openembedded/meta-openembedded that referenced this issue Jan 27, 2018
Changes:

2017-06-29 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.043)

YOUR ATTENTION PLEASE, THIS IS A REVERT TO 4.041
This version is the same as 4.041 with all its bugs and
limitations. In version 4.042 there were some changes to Unicode handling
that turned out to be causing issues with existing implementations.
While it is possible to argue that the old behaviour was wrong and buggy,
lots of applications and scripts were depending on this behaviour so it
is NOT a good idea to change this.

There were lots of commits since 4.041, we'll add those back bit by bit
in a future release, excluding the ones which cause problems.

2017-??-?? Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042_01)
* Use Devel::CheckLib 1.09 or newer, fixes
   perl5-dbi/DBD-mysql#109
* Improve CI testing on AppVeyor: caching, path to cpan, configure deps (pali)
* Specify bigint as test dependency.

2017-03-08 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042)
* Full release to include development releases 4.041_2 and 4.041_1.

2017-02-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_2)
* Statement handle now also has mysql_sock attribute, just as database handle.
  (by Pali)
* Fix type conversions for magic types. Issue reported by Dmitriy Yatsenko and
  Giovanni Bechis, fix by Pali.
    https://lists.amavis.org/pipermail/amavis-users/2016-December/004674.html
    perl5-dbi/DBD-mysql#78
* Fix UTF8-encoding of table names, field names, warnings and error messages.
  Reported by Tanabe Yoshinori, fix by Pali.
    https://rt.cpan.org/Public/Bug/Display.html?id=120141
* Fix mysql_auto_reconnect when using mysql_server_prepare (pali). Reported by
  Vladimir Marek.
    perl5-dbi/DBD-mysql#95
* Improve regex for removing database from dsn (pali)
    https://rt.cpan.org/Public/Bug/Display.html?id=118837
* Locate MySQL libs using Devel::CheckLib (pali)
* Support async on Windows (pali)

* Fix test suite on range of older and newer MySQL and MariaDB versions
   (perl5-dbi/DBD-mysql#87)
* Fix compilation on MySQL 4.1 (pali)
* Do not leak dangling pointer to mysql result (pali)
* Fix logic when assigning to variable bind_comment_placeholders (pali)
* mysql_fd() still returned file descriptor after closing connection.
  Reported by Larry Leszczynski, fixed by Pali Rohár.
   (https://rt.cpan.org/Public/Bug/Display.html?id=110983)
* Fix parsing configure libs from mysql_config --libs output in Makefile.PL
  Libraries in mysql_config --libs output can be specified by library name
  with the -l prefix or by absolute path to library name without any prefix.
  Parameters must start with a hyphen, so treat all options without leading
  hyphen in mysql_config --libs output as libraries with full path.
  Partially fixes bug https://rt.cpan.org/Public/Bug/Display.html?id=100898
  Fix by Pali Rohár.
* Fix support for magic scalars (pali)
   (perl5-dbi/DBD-mysql#76)

2016-12-12 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_1)
* Unicode fixes: when using mysql_enable_utf8 or mysql_enable_utf8mb4,
  previous versions of DBD::mysql did not properly encode input statements
  to UTF-8 and retrieved columns were always UTF-8 decoded regardless of the
  column charset.
  Fix by Pali Rohár.
  Reported and feedback on fix by Marc Lehmann
  (https://rt.cpan.org/Public/Bug/Display.html?id=87428)
  Also, the UTF-8 flag was not set for decoded data:
  (https://rt.cpan.org/Public/Bug/Display.html?id=53130)
* Return INTs with ZEROFILL as strings. Reported by Knarf, fix by Pali Rohár.
  (https://rt.cpan.org/Public/Bug/Display.html?id=118977)

2016-11-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041)
* Fix use-after-free for repeated fetchrow_arrayref calls when
  mysql_server_prepare=1

  Function dbd_st_fetch() via Renew() can reallocate output buffer for
  mysql_stmt_fetch() call. But it does not update pointer to that buffer in
  imp_sth->stmt structure initialized by mysql_stmt_bind_result() function.
  That leads to use-after-free in any mysql function which access
  imp_sth->stmt structure (e.g. mysql_stmt_fetch()).

  This patch fix this problem and properly updates pointer in imp_sth->stmt
  structure after Renew() call.
  This is a medium level security issue to which the Debian security team
  assigned identifier CVE-2016-1251. Discovered and fixed by Pali Rohár.

* auto_reconnect now also matches  CR_SERVER_LOST, previously this only
  matched CR_SERVER_GONE.
  Fixes http://bugs.mysql.com/bug.php?id=27613
  Fix suggested by Wouter de Jong.
* Fix compilation fixes (Pali Rohár).

2016-11-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.040)
* Since 4.038 we had problems compiling on big-endian architectures, such
  as MIPS, s390 and Sparc. Thanks to Salvatore Bonaccorso @ Debian project
  (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844538)
  and Vladimir Marek (https://rt.cpan.org/Public/Bug/Display.html?id=118835)
  for reporting the issues. Fix by Pali Rohár.

  Fix integer types when server side prepare statements are enabled
  Fixed problems:
  * SQL_BIGINT was incorrectly handled as 32bit MYSQL_TYPE_LONG type instead
    64bit MYSQL_TYPE_LONGLONG which led to integer overflow/underflow
  * 32bit MYSQL_TYPE_LONG was used for perl's IV storage when IV was 64bit
    and 64bit MYSQL_TYPE_LONGLONG was used when IV was 32bit
  * All unsigned types were handled as signed, so all high positive values
    were treated as negative
  * Numeric conversions in perl which led to overflow/underflow was ignored
    even when mysql strict mode was enabled
  * Test t/41int_min_max.t was running only for normal non-prepared statements
  * Test t/40server_prepare.t used incorrect SQL type for big (64bit) integers

2016-11-15 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.039)
* Fix for security issue Out-of-bounds read by DBD::mysql CVE-2016-1249 (pali)

2016-10-30 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038_01)
* Fix compilation of embedded server (pali)
  (perl5-dbi/DBD-mysql#68)
* Fix compilation against libmariadbclient. First version by
  H.Merijn Brand, improved by Bernt Johnsen @ Oracle.
* For efficiency use newSVpvn() instead newSVpv() where possible (pali)
* Correctly coerce fetched scalar values when mysql_server_prepare is
  not used (pali)
* Add support for fetching columns of BIT type with
  mysql_server_prepare = 1 (pali)
  Fixes https://rt.cpan.org/Public/Bug/Display.html?id=88006
* Use correct format in printf instead of casting variable types (pali)
* Include errno.h for MYSQL_ASYNC because it uses errno variable (pali)
* Travis: also test on perl 5.22 and 5.24.

2016-10-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038)
* Version 4.037_1 had fixes for MySQL 8.0 provided by
  Bernt Johnsen @ Oracle that were not in the Changelogs
  (perl5-dbi/DBD-mysql#56)
* Fixes for compiling against newer libmysqlclient on Windows (kmx)
* Fix unit test for 40server_prepare_crash on Windows (pali)
* Perl's IV in scalar can store 64bit integer when perl was compiled
  with 64 bit support (default on 64bit linux with gcc). Use this
  feature and store MYSQL_TYPE_LONGLONG as integers instead of strings
  when possible. (pali, perl5-dbi/DBD-mysql#57)

2016-10-14 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037_01)
* Newest versions of libmysqlclient and the MariaDB C connector no longer
  export the __WIN__ macro. If this macro is not present we would not
  compile in the poll.h-based async-support. Changed to use the _WIN32
  macro instead. Thanks to Sergei Golubchik for suggesting the fix.
* Fix from Pali Rohár for use-after-free in prepared statements,
  changes to bind logic, and added test 40server_prepare_crash.

2016-10-03 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037)
* Security release to patch possible buffer overflow in unsafe sprintf with
  variable length. Reported and fixed by Pali Rohár. This vulnerability
  is present in all releases at least back to versions 3.0 of the
  driver, which were released in 2005.
  The CVE identifier for this vulnerability is CVE-2016-1246.

Signed-off-by: Tim Orling <[email protected]>
Signed-off-by: Armin Kuster <[email protected]>
mbeijen added a commit that referenced this issue Feb 12, 2018
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this issue Sep 9, 2018
2018-09-08 Daniël van Eeden, Patrick Galbraith, DBI/DBD community (4.047)
* Add options needed for public key based security.
* Allow several spaces after LIMIT clause.
* Basic GTID tracking.
* Fix GCC 8.1 warnings
* Fix warning: unused variable ‘buffer_len’
* Fix warning about bind->is_null assignment with incompatible pointer type
* Get rid of warning about unused variable ssl_verify_set
* Fix space/tab issue which leads to misleading indentation
* Change spaces/tabs to get rid of GCC8 warning

2018-03-09 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.046_01)
* Updated documentation re. multithreading (Daniël van Eeden)
* Remove #IFDEFs for code detecting ancient DBI versions. The minimum
  DBI version we require is version 1.609 from 2009!
* ChopBlanks should not trim binary fields (urcheon)
* Skipped test which failed on OpenBSD because Proc::ProcessTable does not
  come with a 'size' attribute on this platform (glasswalk3r, pali)
* Improved test suite with regards to MySQL 8.0
* Improved macOS installation notes.
* Use Devel::CheckLib 1.09 or newer, fixes
   perl5-dbi/DBD-mysql#109
* Specify bigint as test dependency
* Add recommends and suggests tests dependencies (pali)
* Check only for libs via Devel::CheckLib in Makefile.PL (pali)
* Remove param --with-mysql from Makefile.PL documentation (pali)
* Check if specified Makefile.PL settings are working (pali)
   Fixes https://rt.cpan.org/Ticket/Display.html?id=119902
* Remember mysql_config value for Makefile.PL (pali)
* Locate MySQL libs using Devel::CheckLib (pali)
* Added a fix for 30insertfetch failure when using server-side prepared
  statements. The stmt was being freed for DML statements before
  the handle attribute was read, mysql_info was reading back nulls
bigio pushed a commit to bigio/DBD-mysql that referenced this issue Jan 9, 2019
bigio pushed a commit to bigio/DBD-mysql that referenced this issue Jan 9, 2019
sgunin pushed a commit to sgunin/oe-meta-openembedded-contrib that referenced this issue Mar 17, 2024
Changes:

2017-06-29 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.043)

YOUR ATTENTION PLEASE, THIS IS A REVERT TO 4.041
This version is the same as 4.041 with all its bugs and
limitations. In version 4.042 there were some changes to Unicode handling
that turned out to be causing issues with existing implementations.
While it is possible to argue that the old behaviour was wrong and buggy,
lots of applications and scripts were depending on this behaviour so it
is NOT a good idea to change this.

There were lots of commits since 4.041, we'll add those back bit by bit
in a future release, excluding the ones which cause problems.

2017-??-?? Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042_01)
* Use Devel::CheckLib 1.09 or newer, fixes
   perl5-dbi/DBD-mysql#109
* Improve CI testing on AppVeyor: caching, path to cpan, configure deps (pali)
* Specify bigint as test dependency.

2017-03-08 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.042)
* Full release to include development releases 4.041_2 and 4.041_1.

2017-02-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_2)
* Statement handle now also has mysql_sock attribute, just as database handle.
  (by Pali)
* Fix type conversions for magic types. Issue reported by Dmitriy Yatsenko and
  Giovanni Bechis, fix by Pali.
    https://lists.amavis.org/pipermail/amavis-users/2016-December/004674.html
    perl5-dbi/DBD-mysql#78
* Fix UTF8-encoding of table names, field names, warnings and error messages.
  Reported by Tanabe Yoshinori, fix by Pali.
    https://rt.cpan.org/Public/Bug/Display.html?id=120141
* Fix mysql_auto_reconnect when using mysql_server_prepare (pali). Reported by
  Vladimir Marek.
    perl5-dbi/DBD-mysql#95
* Improve regex for removing database from dsn (pali)
    https://rt.cpan.org/Public/Bug/Display.html?id=118837
* Locate MySQL libs using Devel::CheckLib (pali)
* Support async on Windows (pali)

* Fix test suite on range of older and newer MySQL and MariaDB versions
   (perl5-dbi/DBD-mysql#87)
* Fix compilation on MySQL 4.1 (pali)
* Do not leak dangling pointer to mysql result (pali)
* Fix logic when assigning to variable bind_comment_placeholders (pali)
* mysql_fd() still returned file descriptor after closing connection.
  Reported by Larry Leszczynski, fixed by Pali Rohár.
   (https://rt.cpan.org/Public/Bug/Display.html?id=110983)
* Fix parsing configure libs from mysql_config --libs output in Makefile.PL
  Libraries in mysql_config --libs output can be specified by library name
  with the -l prefix or by absolute path to library name without any prefix.
  Parameters must start with a hyphen, so treat all options without leading
  hyphen in mysql_config --libs output as libraries with full path.
  Partially fixes bug https://rt.cpan.org/Public/Bug/Display.html?id=100898
  Fix by Pali Rohár.
* Fix support for magic scalars (pali)
   (perl5-dbi/DBD-mysql#76)

2016-12-12 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041_1)
* Unicode fixes: when using mysql_enable_utf8 or mysql_enable_utf8mb4,
  previous versions of DBD::mysql did not properly encode input statements
  to UTF-8 and retrieved columns were always UTF-8 decoded regardless of the
  column charset.
  Fix by Pali Rohár.
  Reported and feedback on fix by Marc Lehmann
  (https://rt.cpan.org/Public/Bug/Display.html?id=87428)
  Also, the UTF-8 flag was not set for decoded data:
  (https://rt.cpan.org/Public/Bug/Display.html?id=53130)
* Return INTs with ZEROFILL as strings. Reported by Knarf, fix by Pali Rohár.
  (https://rt.cpan.org/Public/Bug/Display.html?id=118977)

2016-11-28 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.041)
* Fix use-after-free for repeated fetchrow_arrayref calls when
  mysql_server_prepare=1

  Function dbd_st_fetch() via Renew() can reallocate output buffer for
  mysql_stmt_fetch() call. But it does not update pointer to that buffer in
  imp_sth->stmt structure initialized by mysql_stmt_bind_result() function.
  That leads to use-after-free in any mysql function which accesses
  imp_sth->stmt structure (e.g. mysql_stmt_fetch()).

  This patch fixes this problem and properly updates pointer in imp_sth->stmt
  structure after Renew() call.
  This is a medium level security issue to which the Debian security team
  assigned identifier CVE-2016-1251. Discovered and fixed by Pali Rohár.

* auto_reconnect now also matches CR_SERVER_LOST, previously this only
  matched CR_SERVER_GONE.
  Fixes http://bugs.mysql.com/bug.php?id=27613
  Fix suggested by Wouter de Jong.
* Fix compilation fixes (Pali Rohár).

2016-11-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.040)
* Since 4.038 we had problems compiling on big-endian architectures, such
  as MIPS, s390 and Sparc. Thanks to Salvatore Bonaccorso @ Debian project
  (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844538)
  and Vladimir Marek (https://rt.cpan.org/Public/Bug/Display.html?id=118835)
  for reporting the issues. Fix by Pali Rohár.

  Fix integer types when server side prepare statements are enabled
  Fixed problems:
  * SQL_BIGINT was incorrectly handled as 32bit MYSQL_TYPE_LONG type instead
    of 64bit MYSQL_TYPE_LONGLONG which led to integer overflow/underflow
  * 32bit MYSQL_TYPE_LONG was used for perl's IV storage when IV was 64bit
    and 64bit MYSQL_TYPE_LONGLONG was used when IV was 32bit
  * All unsigned types were handled as signed, so all high positive values
    were treated as negative
  * Numeric conversions in perl which led to overflow/underflow were ignored
    even when mysql strict mode was enabled
  * Test t/41int_min_max.t was running only for normal non-prepared statements
  * Test t/40server_prepare.t used incorrect SQL type for big (64bit) integers

2016-11-15 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.039)
* Fix for security issue Out-of-bounds read by DBD::mysql CVE-2016-1249 (pali)

2016-10-30 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038_01)
* Fix compilation of embedded server (pali)
  (perl5-dbi/DBD-mysql#68)
* Fix compilation against libmariadbclient. First version by
  H.Merijn Brand, improved by Bernt Johnsen @ Oracle.
* For efficiency use newSVpvn() instead of newSVpv() where possible (pali)
* Correctly coerce fetched scalar values when mysql_server_prepare is
  not used (pali)
* Add support for fetching columns of BIT type with
  mysql_server_prepare = 1 (pali)
  Fixes https://rt.cpan.org/Public/Bug/Display.html?id=88006
* Use correct format in printf instead of casting variable types (pali)
* Include errno.h for MYSQL_ASYNC because it uses errno variable (pali)
* Travis: also test on perl 5.22 and 5.24.

2016-10-19 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.038)
* Version 4.037_1 had fixes for MySQL 8.0 provided by
  Bernt Johnsen @ Oracle that were not in the Changelogs
  (perl5-dbi/DBD-mysql#56)
* Fixes for compiling against newer libmysqlclient on Windows (kmx)
* Fix unit test for 40server_prepare_crash on Windows (pali)
* Perl's IV in scalar can store 64bit integer when perl was compiled
  with 64 bit support (default on 64bit linux with gcc). Use this
  feature and store MYSQL_TYPE_LONGLONG as integers instead of strings
  when possible. (pali, perl5-dbi/DBD-mysql#57)

2016-10-14 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037_01)
* Newest versions of libmysqlclient and the MariaDB C connector no longer
  export the __WIN__ macro. If this macro is not present we would not
  compile in the poll.h-based async-support. Changed to use the _WIN32
  macro instead. Thanks to Sergei Golubchik for suggesting the fix.
* Fix from Pali Rohár for use-after-free in prepared statements,
  changes to bind logic, and added test 40server_prepare_crash.

2016-10-03 Patrick Galbraith, Michiel Beijen, DBI/DBD community (4.037)
* Security release to patch possible buffer overflow in unsafe sprintf with
  variable length. Reported and fixed by Pali Rohár. This vulnerability
  is present in all releases at least back to versions 3.0 of the
  driver, which were released in 2005.
  The CVE identifier for this vulnerability is CVE-2016-1246.

Signed-off-by: Tim Orling <[email protected]>
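
The use-after-free described in the 4.041 entry above (an output buffer is reallocated but the address stored in the statement's bind structure is not refreshed) can be modelled in a few lines of C. This is an added example, not DBD::mysql or libmysqlclient code: every name in it (`blk`, `toy_bind`, `toy_stmt`, `lib_fetch`, `drv_fetch`) is hypothetical, and "freed" blocks are only marked dead so the stale access is detected rather than executed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Tracked allocation. "Freeing" only clears `live` and parks the block on a
   list, so a write through a stale pointer is detected instead of executed. */
struct blk { int live; size_t cap; struct blk *next; char data[]; };

static struct blk *blk_new(size_t cap) {
    struct blk *b = calloc(1, sizeof *b + cap);
    if (!b) abort();
    b->live = 1;
    b->cap = cap;
    return b;
}

/* Library side (toy): bind record filled once when results are bound. */
struct toy_bind { struct blk *buffer; size_t buffer_length; };

/* Driver side (toy): statement handle that owns the output buffer. */
struct toy_stmt { struct toy_bind bind; struct blk *col; struct blk *retired; };

enum { FETCH_OK = 0, FETCH_TRUNCATED = 1, FETCH_STALE = -1 };

/* Toy library fetch: writes the value into the buffer registered at bind time. */
static int lib_fetch(struct toy_bind *bind, const char *val, size_t len) {
    if (!bind->buffer->live)
        return FETCH_STALE;            /* a real library would write to freed memory */
    size_t n = len < bind->buffer_length ? len : bind->buffer_length;
    memcpy(bind->buffer->data, val, n);
    return len > bind->buffer_length ? FETCH_TRUNCATED : FETCH_OK;
}

static void stmt_init(struct toy_stmt *s, size_t cap) {
    s->col = blk_new(cap);
    s->retired = NULL;
    s->bind.buffer = s->col;           /* the one-time bind */
    s->bind.buffer_length = cap;
}

/* Toy driver fetch. A value longer than the buffer forces a reallocation.
   rebind == 0 leaves the bind record pointing at the old block (the bug
   class); rebind != 0 refreshes it after the reallocation (the fix). */
static int drv_fetch(struct toy_stmt *s, const char *val, size_t len, int rebind) {
    int rc = lib_fetch(&s->bind, val, len);
    if (rc != FETCH_TRUNCATED)
        return rc;
    struct blk *old = s->col;
    s->col = blk_new(len);             /* grow: new block ...            */
    memcpy(s->col->data, val, len);    /* ... filled with the full value */
    old->live = 0;                     /* old block is now "freed"       */
    old->next = s->retired;
    s->retired = old;
    if (rebind) {
        s->bind.buffer = s->col;
        s->bind.buffer_length = len;
    }
    return FETCH_OK;
}

static void stmt_free(struct toy_stmt *s) {
    while (s->retired) {
        struct blk *n = s->retired->next;
        free(s->retired);
        s->retired = n;
    }
    free(s->col);
}

/* Fetch a long row, then a short one; return the status of the second fetch. */
static int second_fetch_status(int rebind) {
    struct toy_stmt s;
    stmt_init(&s, 4);
    int first = drv_fetch(&s, "abcdefgh", 8, rebind);
    int second = drv_fetch(&s, "xy", 2, rebind);
    stmt_free(&s);
    return first == FETCH_OK ? second : first;
}

int main(void) {
    printf("without rebind: %d\n", second_fetch_status(0));
    printf("with rebind:    %d\n", second_fetch_status(1));
    return 0;
}
```

The first fetch succeeds in both variants; the stale pointer only surfaces on the repeated fetch, which matches the changelog's note that the problem appears with repeated fetchrow_arrayref calls.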
daregit pushed a commit to daregit/yocto-combined that referenced this issue May 22, 2024
daregit pushed a commit to daregit/yocto-combined that referenced this issue May 22, 2024