Hi LTS team and Security team I have started to look into CVE-2017-3305. As I understand both stable and oldstable are unaffected by this vulnerability. The reason is that this is an amendment of the correction for the BACKRONYM vulnerability.
What I do not understand however is whether mysql is vulnerable to the backronym vulnerability or not. I can not find any CVE for the BACKRONYM vulnerability. Or rather I can find it but that one is only for mariadb and percona https://security-tracker.debian.org/tracker/CVE-2015-3152. Do any of you know whether the BACKRONYM has been fixed in mysql-5.5? I thought I should ask before actually trying to reproduce it. Best regards // Ola -- --- Inguza Technology AB --- MSc in Information Technology ---- / o...@inguza.com Folkebogatan 26 \ | o...@debian.org 654 68 KARLSTAD | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / ---------------------------------------------------------------
