From a1c93513e93d9273b6cf26374d864a61d767ea80 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil>
Date: Mon, 18 Jul 2016 18:34:30 +0000
Subject: [DSA 3621-1] mysql-connector-java security update

CVS version numbers

english/security/2016/dsa-3621.data: INITIAL -> 1.1
english/security/2016/dsa-3621.wml: INITIAL -> 1.1
---
 english/security/2016/dsa-3621.data | 13 +++++++++++++
 english/security/2016/dsa-3621.wml  | 28 ++++++++++++++++++++++++++++
 2 files changed, 41 insertions(+)
 create mode 100644 english/security/2016/dsa-3621.data
 create mode 100644 english/security/2016/dsa-3621.wml

diff --git a/english/security/2016/dsa-3621.data b/english/security/2016/dsa-3621.data
new file mode 100644
index 00000000000..8a814df83c3
--- /dev/null
+++ b/english/security/2016/dsa-3621.data
@@ -0,0 +1,13 @@
+<define-tag pagetitle>DSA-3621-1 mysql-connector-java</define-tag>
+<define-tag report_date>2016-7-18</define-tag>
+<define-tag secrefs>CVE-2015-2575</define-tag>
+<define-tag packages>mysql-connector-java</define-tag>
+<define-tag isvulnerable>yes</define-tag>
+<define-tag fixed>yes</define-tag>
+<define-tag fixed-section>no</define-tag>
+
+#use wml::debian::security
+
+
+
+</dl>
diff --git a/english/security/2016/dsa-3621.wml b/english/security/2016/dsa-3621.wml
new file mode 100644
index 00000000000..2a8dba121a5
--- /dev/null
+++ b/english/security/2016/dsa-3621.wml
@@ -0,0 +1,28 @@
+<define-tag description>security update</define-tag>
+<define-tag moreinfo>
+<p>A vulnerability was discovered in mysql-connector-java, a Java database
+(JDBC) driver for MySQL, which may result in unauthorized update, insert
+or delete access to some MySQL Connectors accessible data as well as
+read access to a subset of MySQL Connectors accessible data. The
+vulnerability was addressed by upgrading mysql-connector-java to the new
+upstream version 5.1.39, which includes additional changes, such as bug
+fixes, new features, and possibly incompatible changes. Please see the
+MySQL Connector/J Release Notes and Oracle's Critical Patch Update
+advisory for further details:</p>
+
+<ul>
+<li><a href="https://dev.mysql.com/doc/relnotes/connector-j/5.1/en/news-5-1.html">\
+https://dev.mysql.com/doc/relnotes/connector-j/5.1/en/news-5-1.html</a></li>
+<li><a href="http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL">\
+http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL</a></li>
+</ul>
+
+<p>For the stable distribution (jessie), this problem has been fixed in
+version 5.1.39-1~deb8u1.</p>
+
+<p>We recommend that you upgrade your mysql-connector-java packages.</p>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/security/2016/dsa-3621.data"
+# $Id$
-- 
cgit v1.2.3