ELA-234-1 mysql-connector-java security update

multiple vulnerabilities

2020-06-08
Packagemysql-connector-java
Version5.1.49-0+deb7u1
Related CVE CVE-2020-2875 CVE-2020-2933 CVE-2020-2934

Several issues were discovered in mysql-connector-java that allow attackers to update, insert or delete access to some of MySQL Connectors accessible data, unauthorized read access to a subset of the data, and partial denial of service.

For Debian 7 Wheezy, these problems have been fixed in version 5.1.49-0+deb7u1.

We recommend that you upgrade your mysql-connector-java packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/