diff options
author | Salvatore Bonaccorso <carnil> | 2016-07-18 18:34:30 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil> | 2016-07-18 18:34:30 +0000 |
commit | a1c93513e93d9273b6cf26374d864a61d767ea80 (patch) | |
tree | 672878bb5de697f839935dbb358df8edd6e456f1 | |
parent | fbe22f063f29fc7f04f8f496d47ac07ce4d3bed3 (diff) |
[DSA 3621-1] mysql-connector-java security update
CVS version numbers
english/security/2016/dsa-3621.data: INITIAL -> 1.1
english/security/2016/dsa-3621.wml: INITIAL -> 1.1
-rw-r--r-- | english/security/2016/dsa-3621.data | 13 | ||||
-rw-r--r-- | english/security/2016/dsa-3621.wml | 28 |
2 files changed, 41 insertions, 0 deletions
diff --git a/english/security/2016/dsa-3621.data b/english/security/2016/dsa-3621.data new file mode 100644 index 00000000000..8a814df83c3 --- /dev/null +++ b/english/security/2016/dsa-3621.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-3621-1 mysql-connector-java</define-tag> +<define-tag report_date>2016-7-18</define-tag> +<define-tag secrefs>CVE-2015-2575</define-tag> +<define-tag packages>mysql-connector-java</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2016/dsa-3621.wml b/english/security/2016/dsa-3621.wml new file mode 100644 index 00000000000..2a8dba121a5 --- /dev/null +++ b/english/security/2016/dsa-3621.wml @@ -0,0 +1,28 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>A vulnerability was discovered in mysql-connector-java, a Java database +(JDBC) driver for MySQL, which may result in unauthorized update, insert +or delete access to some MySQL Connectors accessible data as well as +read access to a subset of MySQL Connectors accessible data. The +vulnerability was addressed by upgrading mysql-connector-java to the new +upstream version 5.1.39, which includes additional changes, such as bug +fixes, new features, and possibly incompatible changes. Please see the +MySQL Connector/J Release Notes and Oracle's Critical Patch Update +advisory for further details:</p> + +<ul> +<li><a href="https://dev.mysql.com/doc/relnotes/connector-j/5.1/en/news-5-1.html">\ +https://dev.mysql.com/doc/relnotes/connector-j/5.1/en/news-5-1.html</a></li> +<li><a href="http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL">\ +http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL</a></li> +</ul> + +<p>For the stable distribution (jessie), this problem has been fixed in +version 5.1.39-1~deb8u1.</p> + +<p>We recommend that you upgrade your mysql-connector-java packages.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2016/dsa-3621.data" +# $Id$ |