advisories/16070.adv

type: security
subject: Updated mysql-connector-java package fixes security vulnerability
CVE:
 - CVE-2015-2575
src:
  4:
   core:
     - mysql-connector-java-5.1.35-1.mga4
description: |
  Difficult to exploit vulnerability allows successful authenticated network
  attacks via multiple protocols. Successful attack of this vulnerability
  can result in unauthorized update, insert or delete access to some MySQL
  Connectors accessible data as well as read access to a subset of MySQL
  Connectors accessible data (CVE-2015-2575).

  The mysql-connector-java package has been updated to version 5.1.35 to fix
  this issue and several other bugs
references:
 - https://bugs.mageia.org/show_bug.cgi?id=16070
 - http://dev.mysql.com/doc/relnotes/connector-j/en/news-5-1.html
 - http://lists.opensuse.org/opensuse-updates/2015-05/msg00089.html
ID: MGASA-2015-0255
1	type: security
2	subject: Updated mysql-connector-java package fixes security vulnerability
3	CVE:
4	- CVE-2015-2575
5	src:
6	4:
7	core:
8	- mysql-connector-java-5.1.35-1.mga4
9	description: \|
10	Difficult to exploit vulnerability allows successful authenticated network
11	attacks via multiple protocols. Successful attack of this vulnerability
12	can result in unauthorized update, insert or delete access to some MySQL
13	Connectors accessible data as well as read access to a subset of MySQL
14	Connectors accessible data (CVE-2015-2575).
15
16	The mysql-connector-java package has been updated to version 5.1.35 to fix
17	this issue and several other bugs
18	references:
19	- https://bugs.mageia.org/show_bug.cgi?id=16070
20	- http://dev.mysql.com/doc/relnotes/connector-j/en/news-5-1.html
21	- http://lists.opensuse.org/opensuse-updates/2015-05/msg00089.html
22	ID: MGASA-2015-0255