DBI 1.627_94 Deleted
Security Advisories
CVE-2020-14393
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
Fixed version: >=1.643
Severity: high
Reported: 2020-09-16
CVE-2020-14392
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXLKODJ7B57GITDEZZXNSHPK4VBYXYHR/
- https://bugzilla.redhat.com/show_bug.cgi?id=1877402
- https://bugzilla.redhat.com/show_bug.cgi?id=1877402
- https://lists.debian.org/debian-lts-announce/2020/09/msg00026.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00067.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00074.html
- https://usn.ubuntu.com/4503-1/
Fixed version: >=1.643
Severity: high
Reported: 2020-06-17
CVE-2019-20919
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXLKODJ7B57GITDEZZXNSHPK4VBYXYHR/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20919
- https://github.com/perl5-dbi/dbi/commit/eca7d7c8f43d96f6277e86d1000e842eb4cc67ff
- https://bugzilla.redhat.com/show_bug.cgi?id=1877405
- https://lists.debian.org/debian-lts-announce/2020/09/msg00026.html
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/US6VXPKVAYHOKNFSAFLM3FWNYZSJKQHS/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KJN7E27GD6QQ2CRGEJ3TNW2DJFXA2AKN/
- https://ubuntu.com/security/notices/USN-4534-1
Fixed version: >=1.643
Severity: high
Reported: 2020-09-17
DBD::File drivers open files from folders other than specifically passed using the f_dir attribute.
Fixed version: >=1.632
Severity: high
Reported: 2014-10-15
CVE-2014-10402
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.
Severity: medium
Reported: 2020-09-16
CVE-2014-10401
An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.
- https://rt.cpan.org/Public/Bug/Display.html?id=99508
- https://github.com/perl5-dbi/dbi/commit/caedc0d7d602f5b2ae5efc1b00f39efeafb7b05a
- https://usn.ubuntu.com/4509-1/
Severity: medium
Reported: 2020-09-11
CVE-2013-7491
An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated.
- https://github.com/perl5-dbi/dbi/commit/401f1221311c71f760e21c98772f0f7e3cbead1d
- https://rt.cpan.org/Public/Bug/Display.html?id=85562
Severity: medium
Reported: 2020-09-11
CVE-2013-7490
An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.
- https://github.com/perl5-dbi/dbi/commit/a8b98e988d6ea2946f5f56691d6d5ead53f65766
- https://rt.cpan.org/Public/Bug/Display.html?id=86744#txn-1880941
- https://usn.ubuntu.com/4509-1/
Severity: medium
Reported: 2020-09-11
Kwalitee Issues
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: Bundle::DBI, DBI::Const::GetInfo::ANSI, DBI::Const::GetInfo::ODBC, DBI::FAQ, Win32::DBIODBC
- main_module_version_matches_dist_version
-
Make sure that the main module name and version are the same of the distribution.
- has_tests_in_t_dir
-
Add tests or move tests.pl to the t/ directory!
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Bundle::DBI, DBD::DBM, DBD::ExampleP, DBD::Gofer, DBD::NullP, DBD::Proxy, DBD::Sponge, DBI, DBI::Const::GetInfo::ANSI, DBI::Const::GetInfo::ODBC, DBI::Const::GetInfoReturn, DBI::Const::GetInfoType, DBI::DBD, DBI::DBD::Metadata, DBI::FAQ, DBI::Gofer::Request, DBI::Gofer::Response, DBI::Profile, DBI::ProfileData, DBI::ProfileDumper, DBI::ProfileDumper::Apache, DBI::ProxyServer, DBI::PurePerl, DBI::Util::_accessor, DBI::W32ODBC, Win32::DBIODBC
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 0.009396,0.009479,0.009950,0.010088,0.010315,0.011566,0.012537,0.014121,0.014283,0.014599,0.015327,0.015586,0.06,0.08,0.2004,0.3005,0.42,1.014935,1.015544,1.628,12.008696,12.010003,12.014311,12.014715,12.015129,2.008697,2.010008,2.011374,2.014121,2.014214,2.015065,2.015325
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Bundle::DBI | A bundle to install DBI and required modules. | 12.008696 | metacpan |
DBD::DBM | a DBI driver for DBM & MLDBM files | 0.08 | metacpan |
DBD::ExampleP | 12.014311 | metacpan | |
DBD::File | Base class for writing file based DBI drivers | 0.42 | metacpan |
DBD::Gofer | A stateless-proxy driver for communicating with a remote DBI | 0.015327 | metacpan |
DBD::Gofer::Policy::Base | Base class for DBD::Gofer policies | 0.010088 | metacpan |
DBD::Gofer::Policy::classic | The 'classic' policy for DBD::Gofer | 0.010088 | metacpan |
DBD::Gofer::Policy::pedantic | The 'pedantic' policy for DBD::Gofer | 0.010088 | metacpan |
DBD::Gofer::Policy::rush | The 'rush' policy for DBD::Gofer | 0.010088 | metacpan |
DBD::Gofer::Transport::Base | base class for DBD::Gofer client transports | 0.014121 | metacpan |
DBD::Gofer::Transport::corostream | Async DBD::Gofer stream transport using Coro and AnyEvent | metacpan | |
DBD::Gofer::Transport::null | DBD::Gofer client transport for testing | 0.010088 | metacpan |
DBD::Gofer::Transport::pipeone | DBD::Gofer client transport for testing | 0.010088 | metacpan |
DBD::Gofer::Transport::stream | DBD::Gofer transport for stdio streaming | 0.014599 | metacpan |
DBD::NullP | 12.014715 | metacpan | |
DBD::Proxy | A proxy driver for the DBI | 0.2004 | metacpan |
DBD::Sponge | Create a DBI statement handle from Perl data | 12.010003 | metacpan |
DBI | Database independent interface for Perl | 1.628 | metacpan |
DBI::Const::GetInfo::ANSI | ISO/IEC SQL/CLI Constants for GetInfo | 2.008697 | metacpan |
DBI::Const::GetInfo::ODBC | ODBC Constants for GetInfo | 2.011374 | metacpan |
DBI::Const::GetInfoReturn | Data and functions for describing GetInfo results | 2.008697 | metacpan |
DBI::Const::GetInfoType | Data describing GetInfo type codes | 2.008697 | metacpan |
DBI::DBD | Perl DBI Database Driver Writer's Guide | 12.015129 | metacpan |
DBI::DBD::Metadata | Generate the code and data for some DBI metadata methods | 2.014214 | metacpan |
DBI::DBD::SqlEngine | Base class for DBI drivers without their own SQL engine | 0.06 | metacpan |
DBI::FAQ | The Frequently Asked Questions for the Perl5 Database Interface | 1.014935 | metacpan |
DBI::Gofer::Execute | Executes Gofer requests and returns Gofer responses | 0.014283 | metacpan |
DBI::Gofer::Request | Encapsulate a request from DBD::Gofer to DBI::Gofer::Execute | 0.012537 | metacpan |
DBI::Gofer::Response | Encapsulate a response from DBI::Gofer::Execute to DBD::Gofer | 0.011566 | metacpan |
DBI::Gofer::Serializer::Base | base class for Gofer serialization | 0.009950 | metacpan |
DBI::Gofer::Serializer::DataDumper | Gofer serialization using DataDumper | 0.009950 | metacpan |
DBI::Gofer::Serializer::Storable | Gofer serialization using Storable | 0.015586 | metacpan |
DBI::Gofer::Transport::Base | Base class for Gofer transports | 0.012537 | metacpan |
DBI::Gofer::Transport::pipeone | DBD::Gofer server-side transport for pipeone | 0.012537 | metacpan |
DBI::Gofer::Transport::stream | DBD::Gofer server-side transport for stream | 0.012537 | metacpan |
DBI::Profile | Performance profiling and benchmarking for the DBI | 2.015065 | metacpan |
DBI::ProfileData | manipulate DBI::ProfileDumper data dumps | 2.010008 | metacpan |
DBI::ProfileDumper | profile DBI usage and output data to a file | 2.015325 | metacpan |
DBI::ProfileDumper::Apache | capture DBI profiling data from Apache/mod_perl | 2.014121 | metacpan |
DBI::ProfileSubs | Subroutines for dynamic profile Path | 0.009396 | metacpan |
DBI::ProxyServer | a server for the DBD::Proxy driver | 0.3005 | metacpan |
DBI::SQL::Nano | a very tiny SQL engine | 1.015544 | metacpan |
DBI::Util::CacheMemory | a very fast but very minimal subset of Cache::Memory | 0.010315 | metacpan |
DBI::Util::_accessor | 0.009479 | metacpan |
Provides
Name | File | View |
---|---|---|
DBD::DBM::Statement | lib/DBD/DBM.pm | metacpan |
DBD::DBM::Table | lib/DBD/DBM.pm | metacpan |
DBD::DBM::db | lib/DBD/DBM.pm | metacpan |
DBD::DBM::dr | lib/DBD/DBM.pm | metacpan |
DBD::DBM::st | lib/DBD/DBM.pm | metacpan |
DBD::ExampleP::db | lib/DBD/ExampleP.pm | metacpan |
DBD::ExampleP::dr | lib/DBD/ExampleP.pm | metacpan |
DBD::ExampleP::st | lib/DBD/ExampleP.pm | metacpan |
DBD::File::DataSource::File | lib/DBD/File.pm | metacpan |
DBD::File::DataSource::Stream | lib/DBD/File.pm | metacpan |
DBD::File::Statement | lib/DBD/File.pm | metacpan |
DBD::File::Table | lib/DBD/File.pm | metacpan |
DBD::File::TableSource::FileSystem | lib/DBD/File.pm | metacpan |
DBD::File::db | lib/DBD/File.pm | metacpan |
DBD::File::dr | lib/DBD/File.pm | metacpan |
DBD::File::st | lib/DBD/File.pm | metacpan |
DBD::Gofer::db | lib/DBD/Gofer.pm | metacpan |
DBD::Gofer::dr | lib/DBD/Gofer.pm | metacpan |
DBD::Gofer::st | lib/DBD/Gofer.pm | metacpan |
DBD::NullP::db | lib/DBD/NullP.pm | metacpan |
DBD::NullP::dr | lib/DBD/NullP.pm | metacpan |
DBD::NullP::st | lib/DBD/NullP.pm | metacpan |
DBD::Proxy::RPC::PlClient | lib/DBD/Proxy.pm | metacpan |
DBD::Proxy::db | lib/DBD/Proxy.pm | metacpan |
DBD::Proxy::dr | lib/DBD/Proxy.pm | metacpan |
DBD::Proxy::st | lib/DBD/Proxy.pm | metacpan |
DBD::Sponge::db | lib/DBD/Sponge.pm | metacpan |
DBD::Sponge::dr | lib/DBD/Sponge.pm | metacpan |
DBD::Sponge::st | lib/DBD/Sponge.pm | metacpan |
DBDI | lib/DBI/DBD.pm | metacpan |
DBI::DBD::SqlEngine::DataSource | lib/DBI/DBD/SqlEngine.pm | metacpan |
DBI::DBD::SqlEngine::Statement | lib/DBI/DBD/SqlEngine.pm | metacpan |
DBI::DBD::SqlEngine::Table | lib/DBI/DBD/SqlEngine.pm | metacpan |
DBI::DBD::SqlEngine::TableSource | lib/DBI/DBD/SqlEngine.pm | metacpan |
DBI::DBD::SqlEngine::TieMeta | lib/DBI/DBD/SqlEngine.pm | metacpan |
DBI::DBD::SqlEngine::TieTables | lib/DBI/DBD/SqlEngine.pm | metacpan |
DBI::DBD::SqlEngine::db | lib/DBI/DBD/SqlEngine.pm | metacpan |
DBI::DBD::SqlEngine::dr | lib/DBI/DBD/SqlEngine.pm | metacpan |
DBI::DBD::SqlEngine::st | lib/DBI/DBD/SqlEngine.pm | metacpan |
DBI::ProxyServer::db | lib/DBI/ProxyServer.pm | metacpan |
DBI::ProxyServer::dr | lib/DBI/ProxyServer.pm | metacpan |
DBI::ProxyServer::st | lib/DBI/ProxyServer.pm | metacpan |
DBI::SQL::Nano::Statement_ | lib/DBI/SQL/Nano.pm | metacpan |
DBI::SQL::Nano::Table_ | lib/DBI/SQL/Nano.pm | metacpan |
DBI::common | DBI.pm | metacpan |