[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 526-1] mysql-connector-java security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : mysql-connector-java
Version        : 5.1.39-1~deb7u1
CVE ID         : CVE-2015-2575


A vulnerability in the MySQL Connectors component of Oracle MySQL
(subcomponent: Connector/J) has been discovered that may result in
unauthorized update, insert or delete access to some MySQL Connectors
accessible data as well as read access to a subset of MySQL Connectors.
The issue is addressed by updating to the latest stable release of
mysql-connector-java since Oracle did not release further information.

Please see Oracle's Critical Patch Update advisory for further details.

http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html#MSQL

For Debian 7 "Wheezy", these problems have been fixed in version
5.1.39-1~deb7u1.

We recommend that you upgrade your mysql-connector-java packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJXbrevXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkfsMQAJq7V/02TqZXwBfgQe3qtRWV
UW9yU25yqHbz8fVHQ5yCleMKvBGAInZESYfzKsM7fsw9I/rvMZ0+JUBNaDzA3dgd
BcCHDzQUO2O/B/7nuKY+NFAnlAqO2n8zI0hOsDjoIacFVs4LxSVRjoKJDrSE2YRo
PnzzZip06Jp4veoZbK2PDwwL4lvTgWNStLfcZ+44XEryuU48jAgFr4KMp4ulus6o
CxyFU+IQD2DJ5akPx/l80eRvA0OxyVCrpxLGJN+IJ3w/vGNusXofBBLIfF2hOGJn
t61GVR7k3/4XTiJ9IEXl3Vbi002PhY/DNt/eXAuVtL8H6SGfzt991GnmV1rRjpzF
XmrW1X2kUFcmG9NMafF/MHnSHnW2XWyNAZtFr6gbM4aEluoY3no5xxer2tKIyqmE
gfx2coN+Seqs3PwHRICEYngUJ7r3kp6xDJLZ8gsC0ovC1XFAoo4/bhH/61dhWgzH
Ta2LaESl4PEDa1LZiS7c3PKqgzAle39lMPLuNcXoMh87Y7ErUmMMzlZkeefxNTf1
jePJQbxiyiCvxjdAVvwqKS5JasjCwQjQMYZrMCSLRylfZLh3JVrTEhlUV6Pe6PTp
PyQvBxr+QVJ2b7xWWO0A83Wxb2kqFBHGAQbVwuMicEV5ypedPfRUi9qVsVyeYPeS
YOkjrKSiEoN7sylv65wq
=CE0Q
-----END PGP SIGNATURE-----


Reply to: