Debian Security Advisory
DLA-526-1 mysql-connector-java -- LTS security update
- Date Reported:
- 25 Jun 2016
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-2575.
- More information:
A vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J) has been discovered that may result in unauthorized update, insert or delete access to some MySQL Connectors accessible data as well as read access to a subset of MySQL Connectors. The issue is addressed by updating to the latest stable release of mysql-connector-java since Oracle did not release further information.
Please see Oracle's Critical Patch Update advisory for further details.
For Debian 7
Wheezy, these problems have been fixed in version 5.1.39-1~deb7u1.
We recommend that you upgrade your mysql-connector-java packages.
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS