| Summary: | mysql-connector-java new security issue CVE-2018-3258 and CVE-2019-2692 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | Java Stack Maintainers <java> |
| Status: | RESOLVED OLD | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | geiger.david68210, mageia, marja11, mhrambo3501, yvesbrungard |
| Version: | 6 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | mysql-connector-java-8.0.12-2.mga7.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2018-10-17 23:15:56 CEST
David Walser
2018-10-17 23:16:11 CEST
Whiteboard:
(none) =>
MGA6TOO
Marja Van Waes
2018-10-18 09:23:14 CEST
CC:
(none) =>
mageia, marja11 mysql-connector-java-8.0.13-1.mga7 uploaded by David to fix this in Cauldron. CC:
(none) =>
geiger.david68210 Fedora has issued an advisory for this on November 10: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/674XGWEZN7DMLSDLCBXDKKN75BDDFP45/ April 2019 Oracle CPU lists a security issue in mysql-connector-java: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL It sounds like it needs to be updated to something newer than 8.0.15. Version:
6 =>
Cauldron
papoteur
2019-04-24 10:42:25 CEST
CC:
(none) =>
yves.brungard_mageia mysql-connector-java-8.0.16-1.mga7 uploaded to fix CVE-2019-2692 in Cauldron.
David Walser
2019-05-06 17:55:52 CEST
Version:
Cauldron =>
6 Mageia 6 is EOL. Status:
NEW =>
RESOLVED |