File mysql-connector-java.changes of Package mysql-connector-java.20657

Overview Repositories Revisions Requests Users Attributes Meta

File mysql-connector-java.changes of Package mysql-connector-java.20657

-------------------------------------------------------------------
Tue Jul 27 10:50:51 UTC 2021 - Pedro Monreal <pmonreal@suse.com>

- Security fix: [bsc#1173600, CVE-2020-2875, CVE-2020-2933, CVE-2020-2934]
  * CVE-2020-2875: Unauthenticated attacker with network access via
    multiple protocols can compromise MySQL Connectors. Can result in
    unauthorized update, insert or delete access to some of MySQL
    Connectors accessible data as well as unauthorized read access
    to a subset of MySQL Connectors accessible data.
  * CVE-2020-2934: Can result in unauthorized update, insert or
    delete access to some of MySQL Connectors accessible data as well
    as unauthorized read access to a subset of MySQL Connectors
    accessible data and unauthorized ability to cause a partial denial
    of service (partial DOS) of MySQL Connectors.
  * CVE-2020-2933: Allows high privileged attacker with network access
    via multiple protocols to compromise MySQL Connectors. Can result
    in unauthorized ability to cause a partial denial of service
    (partial DOS) of MySQL Connectors.
  * https://www.oracle.com/security-alerts/cpuapr2020verbose.html#MSQL
  * Add mysql-connector-java-CVE-2020-2875_CVE-2020-2933_CVE-2020-2934.patch

-------------------------------------------------------------------
Thu May 18 12:40:03 UTC 2017 - tchvatal@suse.com

- Hardcode requirement for java 1.8 or newer to build

-------------------------------------------------------------------
Thu May 18 11:55:03 UTC 2017 - tchvatal@suse.com

- Drop patch use-classpath-in-tests.patch
- Add patch disabling testsuite:
  * disable-testsuite.patch
- Drop patch extra-libs-build.patch:
  * Rather use the thing to propagate some wrongly found libs
- Drop patch no-jdk5-requirement.patch:
  * Simply override the value in ant command
- Add patch hibernate-check.patch to remove hibernate check
- Add patch compile-jdk7.patch to compile with old JDK versions

-------------------------------------------------------------------
Thu May 18 10:42:07 UTC 2017 - tchvatal@suse.com

- Version update to 5.1.42 bsc#1035210 bsc#1035697 bsc#1035211:
  * CVE-2017-3589 CVE-2017-3523 CVE-2017-3586 
  * http://dev.mysql.com/doc/relnotes/connector-j/en/news-5-1.html
- Remove upstreamed mysql-connector-java-5.1.35-CVE-2017-3523.patch
- Refresh patch extra-libs-build.patch
- Drop obsolete patch jdk6-check-use-jdk7.patch
- Refresh patch no-jdk5-requirement.patch
- Attempt to refresh mysql-connector-java-jdbc-4.1.patch
  * Partialy merged by upstream, many conflicts
- Add patch to relax compiler check:
  * javac-check.patch

-------------------------------------------------------------------
Tue May  2 15:20:16 UTC 2017 - pmonrealgonzalez@suse.com

- Fix for CVE-2017-3523 (bsc#1035697)
  * Unexpected automatic deserialisation of Java objects
  * Affected software: MySQL Connector/J
  * Remote Code Execution Vulnerability
- Added patch: mysql-connector-java-5.1.35-CVE-2017-3523.patch

-------------------------------------------------------------------
Thu Jun 11 15:11:55 UTC 2015 - tchvatal@suse.com

- Fix the patches to allow jdbc3 build and reenable it:
  * mysql-connector-java-jdbc-4.1.patch
  * no-jdk5-requirement.patch

-------------------------------------------------------------------
Tue Apr 21 15:22:44 UTC 2015 - tchvatal@suse.com

- Update to 5.1.35 (see CHANGES for full list of issues)
  bnc#927981 CVE-2015-2575:
  * http://dev.mysql.com/doc/relnotes/connector-j/en/news-5-1.html
- Remove not applicable patch:
  * mysql-connector-java-7-jdbc-4.1.patch
- Do not explicitely check for jdk6 but be happy with 7 and 8:
  * jdk6-check-use-jdk7.patch
- Do not require hibernate4 to actually build:
  * extra-libs-build.patch
- Do not build jdk5 depending jdbc3:
  * no-jdk5-requirement.patch
- Add and rebase jdbc4.1 patch:
  * mysql-connector-java-jdbc-4.1.patch
- Add new patch to build tests:
  * use-classpath-in-tests.patch

-------------------------------------------------------------------
Wed Mar 18 09:46:18 UTC 2015 - tchvatal@suse.com

- Fix build with new javapackages-tools

-------------------------------------------------------------------
Fri Jun 27 12:33:20 UTC 2014 - tchvatal@suse.com

- Cleanup with spec-cleaner
- Try to build on SLE_11

-------------------------------------------------------------------
Thu Sep 19 14:12:57 UTC 2013 - mvyskocil@suse.com

- update to 5.1.25 (see CHANGES for full list)
  * support for Connection Attributes when used with MySQL Server versions (5.6+).
  5.1.24
  * support of password expiration protocol. This introduces new boolean
    connection property disconnectOnExpiredPasswords.
  5.1.23
  * added support of password expiration protocol.
  * driver now allows the mechanism for caching MySQL server configuration
    values replaceable at runtime.
  * Connection.setReadOnly() will take advantage of server-side support for
    read-only transactions present in MySQL-5.6 and newer. Calling .isReadOnly()
    will incur a round-trip if useLocalSessionState.
  5.1.22
  * support of ON UPDATE CURRENT_TIMESTAMP for TIMESTAMP and DATETIME fields.
  5.1.21
  * new built-in authentication plugin
    com.mysql.jdbc.authentication.Sha256PasswordPlugin ("sha256_password").
  * Added new built-in authentication plugin
    com.mysql.jdbc.authentication.MysqlClearPasswordPlugin ("mysql_clear_password").
    It allows C/J based clients to connect to MySQL accounts.
  * the ability to add new client-side prepared statement parse info caches
  * implemented several JDBC-4.1 methods from Java-7:
  5.1.19:
  * Added support for pluggable authentication via the com.mysql.jdbc.AuthenticationPlugin
- rebase and rename mysql-connector-java-5.1.19-java7.patch to
  * mysql-connector-java-7-jdbc-4.1.patch

-------------------------------------------------------------------
Fri Sep 13 09:04:23 UTC 2013 - pgajdos@suse.com

- add jpackages-tools to buildrequires

-------------------------------------------------------------------
Fri Aug 23 09:48:13 UTC 2013 - mvyskocil@suse.com

- use add_maven_depmap provided by javapackages-tools

-------------------------------------------------------------------
Wed Jun 20 08:13:10 UTC 2012 - mvyskocil@suse.cz

- build require java-devel >= 1.6.0 as well

-------------------------------------------------------------------
Mon Jun 18 13:16:57 UTC 2012 - mvyskocil@suse.cz

- fix a build with jdk7 (build jdbc 3.0 with gcj)
- remove some obsoleted macros (gcj, jboss)
- remove jars from source file as well

-------------------------------------------------------------------
Fri May  4 12:48:41 UTC 2012 - mvyskocil@suse.cz

- remove the docs/ from source tarball due license issues

-------------------------------------------------------------------
Fri Apr 27 09:54:08 UTC 2012 - mvyskocil@suse.cz

- update to 5.1.19
  * plugable authentication via com.mysql.jdbc.AuthenticationPlugin
  * retrieve servet charset name using index
  * ability to determine if the connection is against server on the same host
  * added slf4j logging adapter
  * and many more features and bugfixes
- removed -javadoc patch and package
- add maven pom

-------------------------------------------------------------------
Thu Sep 11 10:23:35 CEST 2008 - anosek@suse.cz

- updated to version 5.1.6
  - introduces driver which conforms to the JDBC 4.0 specifications.
    However this was disabled because of missing dependencies
- dropped obsoleted patch (build_xml.patch)
- added patch (disableJDBC4.patch) taken from Debian

-------------------------------------------------------------------
Thu Aug  7 09:46:22 CEST 2008 - mvyskocil@suse.cz

- update to the 5.0.8 (improved spec from jpackage.org)
  - fix of [bnc#99151]
- added two new subpackages (javadoc and manual)
- removed the dependency on jboss4
- add a support for build with java6 and java5 together (ia64 build fix)
- use source="1.5" and target="1.5"

-------------------------------------------------------------------
Thu Jul 17 07:54:00 CEST 2008 - coolo@suse.de

- trying to avoid another build cycle

-------------------------------------------------------------------
Wed Sep 27 15:50:56 CEST 2006 - skh@suse.de

- don't use icecream
- use source="1.4" and target="1.4" for build with java 1.5

-------------------------------------------------------------------
Tue Feb  7 09:54:31 CET 2006 - jsmeix@suse.de

- Current version 3.1.12 from JPackage.org

-------------------------------------------------------------------
Wed Jan 25 21:47:09 CET 2006 - mls@suse.de

- converted neededforbuild to BuildRequires

-------------------------------------------------------------------
Thu Jul 28 16:49:05 CEST 2005 - jsmeix@suse.de

- Adjustments in the spec file.

-------------------------------------------------------------------
Mon Jul 18 16:52:27 CEST 2005 - jsmeix@suse.de

- Current version 3.1.8 from JPackage.org

-------------------------------------------------------------------
Fri Feb 18 18:03:35 CET 2005 - skh@suse.de

- update to version 3.1.6
- don't use icecream

-------------------------------------------------------------------
Thu Sep  2 18:26:14 CEST 2004 - skh@suse.de

- Initial package created with version 3.0.11 (JPackage 1.5)

Places

File mysql-connector-java.changes of Package mysql-connector-java.20657

Places