dependabot[bot] opened a new pull request, #24023:
URL: https://github.com/apache/camel/pull/24023

   Bumps [org.mariadb.jdbc:mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) from 3.5.8 to 3.5.9.
   <details>
   <summary>Changelog</summary>
   <p><em>Sourced from <a href="https://github.com/mariadb-corporation/mariadb-connector-j/blob/main/CHANGELOG.md">org.mariadb.jdbc:mariadb-java-client's changelog</a>.</em></p>
   <blockquote>
   <h2><a href="https://github.com/mariadb-corporation/mariadb-connector-j/tree/3.5.9">3.5.9</a> (Jun 2026)</h2>
   <p><a href="https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.5.8...3.5.9">Full Changelog</a></p>
   <h4>Key Enhancements</h4>
   <ul>
   <li>CONJ-1223 - cache TLS trust/key managers across connections to reduce 
SSL connection cost</li>
   <li>CONJ-1314 - add SPI for interactive dialog (PAM) authentication 
callback</li>
   <li>CONJ-1311 - add dedicated option <code>useIpForKillQuery</code> for 
query cancellation</li>
   <li>CONJ-1310 - Add full native image support and CI coverage</li>
   </ul>
   <h4>Issues Resolved</h4>
   <ul>
   <li>CONJ-1320 - PAM (dialog) authentication must require a secure connection 
(report by fg0x0)</li>
   <li>CONJ-1319 - Use constant-time comparison when validating the server 
certificate fingerprint (report by jmestwa-coder)</li>
   <li>CONJ-1318 - enforce <code>allowLocalInfile=false</code> on the server's 
local-infile request, so a malicious server cannot read a client file despite 
the option being disabled</li>
   <li>CONJ-1322 - match local infile filename case-sensitively (thanks to 
jmestwa-coder)</li>
   <li>CONJ-1323 - LOAD LOCAL INFILE validation rejects statements preceded by 
line comments (thanks to sebdomdev)</li>
   <li>CONJ-1315 - cap BigDecimal/BigInteger string parsing length to prevent 
CPU exhaustion if MitM (report by tonghuaroot)</li>
   <li>CONJ-1317 - ensure non-UTF8 charset cannot be used for protocol 
exchanges (report by fg0x0)</li>
   <li>CONJ-1304 - CallableStatement parameter metadata read from mysql.proc, 
with MySQL info_schema fallback</li>
   <li>CONJ-1299 - keep VALUES literals after the last placeholder when 
rewriting batches</li>
   <li>CONJ-1313 - race condition in HaMode#getAvailableHostInOrder can cause 
NPE</li>
   <li>CONJ-1311 - Connection.cancelCurrentQuery fails with SslMode.VERIFY_FULL 
when client socket IP is set</li>
   <li>CONJ-1264 - handle LocalDateTime as a zoneless wall-clock value</li>
   <li>CONJ-1316 - pin Locale.ROOT on locale-sensitive call sites and 
date/time/Duration text formatting (fixes
   locale-dependent parsing/formatting, e.g. under tr_TR) (thanks to 
jmestwa-coder)</li>
   <li>CONJ-1324 - fix SQL parser to correctly handle '--' in expressions and 
reset lastChar after block comments</li>
   <li>CONJ-1323 - LOAD LOCAL INFILE validation rejects statements preceded by 
line comments (thanks to sebdomdev)</li>
   </ul>
   <h2><a href="https://github.com/mariadb-corporation/mariadb-connector-j/tree/3.4.3">3.4.3</a> (Jun 2026)</h2>
   <p><a href="https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.4.2...3.4.3">Full Changelog</a></p>
   <h5>Bugs Fixed</h5>
   <ul>
   <li>CONJ-1315 - cap BigDecimal/BigInteger string parsing length to prevent CPU exhaustion if MitM (report by tonghuaroot)</li>
   <li>CONJ-1316 - pin Locale.ROOT on locale-sensitive call sites and 
date/time/Duration text formatting (fixes
   locale-dependent parsing/formatting, e.g. under tr_TR) (thanks to 
jmestwa-coder)</li>
   <li>CONJ-1259 - DatabaseMetaData read-only detection: handle MariaDB 12.0 
<code>@@read_only</code> returning <code>ON</code>/<code>OFF</code>
   instead of <code>1</code>/<code>0</code></li>
   <li>CONJ-1317 - ensure non-UTF8 charset cannot be used for protocol 
exchanges (report by fg0x0)</li>
   <li>CONJ-1320 - PAM (dialog) authentication now requires a secure connection 
(TLS or unix socket), like mysql_clear_password (report by fg0x0)</li>
   <li>CONJ-1319 - use constant-time comparison when validating the server 
certificate fingerprint (thanks to jmestwa-coder)</li>
   <li>CONJ-1322 - match local infile filename case-sensitively (thanks to 
jmestwa-coder)</li>
   <li>CONJ-1323 - LOAD LOCAL INFILE validation rejects statements preceded by 
line comments (thanks to sebdomdev)</li>
   </ul>
   <h2><a href="https://github.com/mariadb-corporation/mariadb-connector-j/tree/3.3.5">3.3.5</a> (Jun 2026)</h2>
   <!-- raw HTML omitted -->
   </blockquote>
   <p>... (truncated)</p>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li>See full diff in <a 
href="https://github.com/mariadb-corporation/mariadb-connector-j/commits";>compare
 view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.mariadb.jdbc:mariadb-java-client&package-manager=maven&previous-version=3.5.8&new-version=3.5.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
