[VIM] CVE / OSVDB id for DB2 APAR
security curmudgeon
jericho at attrition.org
Thu Sep 2 21:12:00 CDT 2010
: : I was looking through a list of security issues in DB2 that IBM recently
: : patched (http://www-01.ibm.com/support/docview.wss?uid=swg21432298) and
: : cross-referencing APARS against CVEs and OSVDBs. I didn't see any
: : mention of the issues IBM labels "SECURITY APAR: MODIFIED SQL DATA table
: : function is not dropped when definer loses required privileges to
: : maintain the objects." (APARs IZ46773, IZ46774, IC63548). All the other
: : issues appear to be covered. Was this missed?
:
: OSVDB 58477
:
: Despite being "recently patched" in one version of DB2, it goes back to
: 2009-09-28 for the first time we saw a reference to it. The first two
: APARs are associated with it, the last was not. I will add it now.
Correction. The first two were associated via reference, the third was
added as a keyword (missed in a reference search). Standardizing so it is
a reference as well.
Brian
More information about the VIM
mailing list