[VIM] CVE / OSVDB id for DB2 APAR
security curmudgeon
jericho at attrition.org
Thu Sep 2 21:11:01 CDT 2010
On Thu, 2 Sep 2010, George A. Theall wrote:
: I was looking through a list of security issues in DB2 that IBM recently
: patched (http://www-01.ibm.com/support/docview.wss?uid=swg21432298) and
: cross-referencing APARS against CVEs and OSVDBs. I didn't see any
: mention of the issues IBM labels "SECURITY APAR: MODIFIED SQL DATA table
: function is not dropped when definer loses required privileges to
: maintain the objects." (APARs IZ46773, IZ46774, IC63548). All the other
: issues appear to be covered. Was this missed?
OSVDB 58477
Despite being "recently patched" in one version of DB2, it goes back to
2009-09-28 for the first time we saw a reference to it. The first two
APARs are associated with it, the last was not. I will add it now.
Brian
More information about the VIM
mailing list