Package: igv Version: 2.4.14+dfsg-1 Severity: important Tags: patch Hello,
we would like to remove libmysql-java from Debian because it is frequently affected by security vulnerabilities which are not fully disclosed. This makes it hard to determine the impact of such a flaw.[1] However we also have libmariadb-java which is a drop-in replacement and upstream is more transparent about security issues. Please find attached a patch that makes the necessary changes to the Debian packaging. [1] https://bugs.debian.org/912916
>From 4420b23b2cb2c93d5b821de05e078cf5a8431ca5 Mon Sep 17 00:00:00 2001 From: Markus Koschany <[email protected]> Date: Fri, 9 Nov 2018 16:02:33 +0100 Subject: [PATCH] Replace libmysql-java with libmariadb-java. --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/control b/debian/control index a3b5948..97d88d1 100644 --- a/debian/control +++ b/debian/control @@ -33,7 +33,7 @@ Build-Depends: default-jdk, libguava-java, libbcprov-java (>= 1.47), libjgrapht0.8-java, - libmysql-java, + libmariadb-java, libgoogle-gson-java, javahelper, libjide-oss-java, -- 2.19.1
