OESA-2022-1641

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1641

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2022-1641.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2022-1641

Upstream

CVE-2014-10402

Published

2022-05-11T11:03:45Z

Modified

2025-09-03T06:16:44.871419Z

Summary

perl-DBI security update

Details

The DBI is the standard database interface module for Perl.It defines a set of methods, variables and conventions that providea consistent database interface independent of the actual database being used.It is important to remember that the DBI is just an interface.The DBI is a layer of "glue" between an application and one or more database driver modules.It is the driver modules which do most of the real work. The DBI provides a standard interface and framework for the drivers to operate within.

Security Fix(es):

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.(CVE-2014-10402)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:20.03-LTS-SP1 / perl-DBI

Package

Name: perl-DBI
Purl: pkg:rpm/openEuler/perl-DBI&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.643-2.oe1

Ecosystem specific

{
    "src": [
        "perl-DBI-1.643-2.oe1.src.rpm"
    ],
    "x86_64": [
        "perl-DBI-1.643-2.oe1.x86_64.rpm",
        "perl-DBI-debuginfo-1.643-2.oe1.x86_64.rpm",
        "perl-DBI-debugsource-1.643-2.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "perl-DBI-1.643-2.oe1.aarch64.rpm",
        "perl-DBI-debuginfo-1.643-2.oe1.aarch64.rpm",
        "perl-DBI-debugsource-1.643-2.oe1.aarch64.rpm"
    ],
    "noarch": [
        "perl-DBI-help-1.643-2.oe1.noarch.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / perl-DBI

Package

Name: perl-DBI
Purl: pkg:rpm/openEuler/perl-DBI&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.643-2.oe1

Ecosystem specific

{
    "src": [
        "perl-DBI-1.643-2.oe1.src.rpm"
    ],
    "x86_64": [
        "perl-DBI-1.643-2.oe1.x86_64.rpm",
        "perl-DBI-debuginfo-1.643-2.oe1.x86_64.rpm",
        "perl-DBI-debugsource-1.643-2.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "perl-DBI-1.643-2.oe1.aarch64.rpm",
        "perl-DBI-debuginfo-1.643-2.oe1.aarch64.rpm",
        "perl-DBI-debugsource-1.643-2.oe1.aarch64.rpm"
    ],
    "noarch": [
        "perl-DBI-help-1.643-2.oe1.noarch.rpm"
    ]
}

openEuler:22.03-LTS / perl-DBI

Package

Name: perl-DBI
Purl: pkg:rpm/openEuler/perl-DBI&distro=openEuler-22.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.643-3.oe2203

Ecosystem specific

{
    "src": [
        "perl-DBI-1.643-3.oe2203.src.rpm"
    ],
    "x86_64": [
        "perl-DBI-1.643-3.oe2203.x86_64.rpm",
        "perl-DBI-debuginfo-1.643-3.oe2203.x86_64.rpm",
        "perl-DBI-debugsource-1.643-3.oe2203.x86_64.rpm"
    ],
    "aarch64": [
        "perl-DBI-1.643-3.oe2203.aarch64.rpm",
        "perl-DBI-debuginfo-1.643-3.oe2203.aarch64.rpm",
        "perl-DBI-debugsource-1.643-3.oe2203.aarch64.rpm"
    ],
    "noarch": [
        "perl-DBI-help-1.643-3.oe2203.noarch.rpm"
    ]
}