-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : mysql-connector-java Version : 5.1.39-1~deb7u1 CVE ID : CVE-2015-2575
A vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J) has been discovered that may result in unauthorized update, insert or delete access to some MySQL Connectors accessible data as well as read access to a subset of MySQL Connectors. The issue is addressed by updating to the latest stable release of mysql-connector-java since Oracle did not release further information. Please see Oracle's Critical Patch Update advisory for further details. http://www.oracle.com/technetwork/topics/security/cpuapr2015verbose-2365613.html#MSQL For Debian 7 "Wheezy", these problems have been fixed in version 5.1.39-1~deb7u1. We recommend that you upgrade your mysql-connector-java packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJXbrevXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkfsMQAJq7V/02TqZXwBfgQe3qtRWV UW9yU25yqHbz8fVHQ5yCleMKvBGAInZESYfzKsM7fsw9I/rvMZ0+JUBNaDzA3dgd BcCHDzQUO2O/B/7nuKY+NFAnlAqO2n8zI0hOsDjoIacFVs4LxSVRjoKJDrSE2YRo PnzzZip06Jp4veoZbK2PDwwL4lvTgWNStLfcZ+44XEryuU48jAgFr4KMp4ulus6o CxyFU+IQD2DJ5akPx/l80eRvA0OxyVCrpxLGJN+IJ3w/vGNusXofBBLIfF2hOGJn t61GVR7k3/4XTiJ9IEXl3Vbi002PhY/DNt/eXAuVtL8H6SGfzt991GnmV1rRjpzF XmrW1X2kUFcmG9NMafF/MHnSHnW2XWyNAZtFr6gbM4aEluoY3no5xxer2tKIyqmE gfx2coN+Seqs3PwHRICEYngUJ7r3kp6xDJLZ8gsC0ovC1XFAoo4/bhH/61dhWgzH Ta2LaESl4PEDa1LZiS7c3PKqgzAle39lMPLuNcXoMh87Y7ErUmMMzlZkeefxNTf1 jePJQbxiyiCvxjdAVvwqKS5JasjCwQjQMYZrMCSLRylfZLh3JVrTEhlUV6Pe6PTp PyQvBxr+QVJ2b7xWWO0A83Wxb2kqFBHGAQbVwuMicEV5ypedPfRUi9qVsVyeYPeS YOkjrKSiEoN7sylv65wq =CE0Q -----END PGP SIGNATURE-----
