Re: Refreshing mysql-connector-java
Hi Security Team,
On 07/06/2020 09:44, Moritz Mühlenhoff wrote:
> On Fri, Jun 05, 2020 at 02:27:50PM +0200, Sylvain Beucler wrote:
>> On 05/06/2020 09:23, Sylvain Beucler wrote:
>> I finished testing and I prepared the upload accordingly:
>> Version scheme is changed, suite is stretch-security, and I made a minor
>> change to debian/watch to track 5.x (not 8.x).
>> Do you approve for upload?
> Thanks, please upload to security-master! (And note to build with -sa
> as the 5.1.49 tarball isn't present on security-master yet).
I'm not entirely familiar with the process here, the upload is in
"embargoed", and I suspect it needs validation.
Then it will make the new tarball available and I'll be able to make the
Do you plan to send a DSA? I prepared the following text:
Several issues were discovered in mysql-connector-java, a Java database
(JDBC) driver for MySQL, that allow attackers to update, insert or
delete access to some of MySQL Connectors accessible data, unauthorized
read access to a subset of the data, and partial denial of service.