[VIM] The next IBM DB2 mess...
jericho at attrition.org
Tue Sep 23 03:38:43 UTC 2008
Trying to track down and do the x-ref mess. Ran into one CVE dupe most
likely (2008-0698 / 2007-3676). The question originally was if 2008-3853
crosed with OSVDB 48146. Here is a list of APARs, CVEs and relevant notes
and fix info:
irst fixed in DB2 UDB Version 9.5, FixPak 1
irst fixed in DB2 UDB Version 8.2, FixPak 16
First fixed in DB2 UDB Version 9.1, FixPak 4a
OSVDB 48146 / CVE-NO-MATCH ?
Problem was fixed in Version 9.5 Fix Pack 2
Problem was first fixed in Version 8.2 Fix Pack 16
Problem was fixed in Version 9.1 Fix Pack 5
First fixed in DB2 UDB Version 8, FixPak 16
First fixed in DB2 V9.1 fixpak 4 (FP4)
This APAR addresses the issues described by CVE-2007-3676 at
Based on that, 2008-3853 and OSVDB 48146 seem different, since in each
case the vuln was fixed in different versions 2 of the 3 times. Based on
that, OSVDB is keeping two entries for these.
The note in APAR 05478 (CVE 2008-0698) makes it pretty clear it crosses
with 2007-3676 though
More information about the VIM