Download
| Alert*
oval:org.secpod.oval:def:704640
unixodbc is installed oval:org.secpod.oval:def:115069 unixODBC is installed oval:org.secpod.oval:def:89002136 This update for unixODBC to version 2.3.6 fixes the following issues: - CVE-2018-7409: Buffer overflow in unicode_to_ansi_copy was fixed in 2.3.5 - CVE-2018-7485: Swapped arguments in SQLWriteFileDSN in odbcinst/SQLWriteFileDSN.c Other fixes: - Enabled --enable-fastvalidate option in configure oval:org.secpod.oval:def:1700268 A buffer overflow flaw was found in the unicode_to_ansi_copy function of unixODBC. This overflow is not directly controllable by an attacker making the maximum potential impact a crash or denial of service.An argument order confusion flaw was found in the SQLWriteFileDSN API of unixODBC. This could ... oval:org.secpod.oval:def:503290 The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol. Security Fix: * unixODBC: Buffer overflow in unicode_to_ansi_copy can lead to crash or other unspecified impact * unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFil ... oval:org.secpod.oval:def:205350 The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol. Security Fix: * unixODBC: Buffer overflow in unicode_to_ansi_copy can lead to crash or other unspecified impact * unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFil ... oval:org.secpod.oval:def:115068 Install unixODBC if you want to access databases through ODBC. You will also need the mariadb-connector-odbc package if you want to access a MySQL or MariaDB database, and/or the postgresql-odbc package for PostgreSQL. oval:org.secpod.oval:def:2000151 In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy function in DriverManager/__info.c. oval:org.secpod.oval:def:1900127 In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy function in DriverManager/__info.c. oval:org.secpod.oval:def:708860 unixodbc: Basic ODBC tools unixODBC could be made to crash or execute arbitrary code. oval:org.secpod.oval:def:99568 unixodbc: Basic ODBC tools unixODBC could be made to crash or execute arbitrary code. |