drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in mysql-connector-java
Name: |
Mangelnde Rechteprüfung in mysql-connector-java |
|
ID: |
DSA-3621-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie |
|
Datum: |
Di, 19. Juli 2016, 08:33 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575 |
|
Applikationen: |
MySQL |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3621-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 18, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : mysql-connector-java CVE ID : CVE-2015-2575
A vulnerability was discovered in mysql-connector-java, a Java database (JDBC) driver for MySQL, which may result in unauthorized update, insert or delete access to some MySQL Connectors accessible data as well as read access to a subset of MySQL Connectors accessible data. The vulnerability was addressed by upgrading mysql-connector-java to the new upstream version 5.1.39, which includes additional changes, such as bug fixes, new features, and possibly incompatible changes. Please see the MySQL Connector/J Release Notes and Oracle's Critical Patch Update advisory for further details:
https://dev.mysql.com/doc/relnotes/connector-j/5.1/en/news-5-1.html cpuapr2015-2365600.html#AppendixMSQL
For the stable distribution (jessie), this problem has been fixed in version 5.1.39-1~deb8u1.
We recommend that you upgrade your mysql-connector-java packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJXjQKkAAoJEAVMuPMTQ89Ee2UP/18I4detSRWBBnIaEGlmIqEw wTnsJlwtxwCjzDXRL61Vd2MxNbHEGwq8IQi/nWnoNhqRBUXEko5/X72Gx5UFtrMK 5nu1uTZe8xCmFJUaTsvfEb0FtKJ/1I07VHcxgjXJx6J9SXPtal8oKnAQLKfCQAPT +eFnY8ISjc6xaEYJK/Ddtjt/GXTWPFEvtd4mWH+l19kc2uLwR6RjCgr8NLdsmERv D5EgTgj5MbnMZPW6SpvcRJj2aWRLqADe9CLxNlw19NNzaXsuZ3Od8IZQ75Nt95CG RW69EqQTKjblVhvGyb7U13TKqvieM5cqmww2oqt6+4+M/vvJcXctEPT1jBhexJNX 2cy8fzwlI4OMqIrPfJ/SJh7+YQfD9zSLKWuYkVIy+K/39tmIahlLY6TKS8AvIAda sxDTnvj9dajZEI/DUXdtMoMeqg8hHXs1cYHFFN2uKPLdTTvyAqGQBl9ycf5Njlfa 9rQmdr0UhdP03a5JDSmCBmj+t8iA2hnelV4hg0FtwKUeoguihato8ULOpYQXx1Hg 5AjwBqpNCLBjBVSKzAjJgR9pXO0M3Ibh/dp/55znDMU8evniVVcS8avnePZeIL5V 2suyruiCgLE9CmoWD+p1UzV1qdLHdXnZrZEsUejfX1O0C2u2QdDgHuSF/hCnw1Nj hEABqqwx0F1UALfdvI0A =ezgL -----END PGP SIGNATURE-----
|
|
|
|