File mysql-connector-java.changes of Package mysql-connector-java.20655

Overview Repositories Revisions Requests Users Attributes Meta

File mysql-connector-java.changes of Package mysql-connector-java.20655

-------------------------------------------------------------------
Tue Jul 27 10:50:51 UTC 2021 - Pedro Monreal <pmonreal@suse.com>

- Security fix: [bsc#1173600, CVE-2020-2875, CVE-2020-2933, CVE-2020-2934]
  * CVE-2020-2875: Unauthenticated attacker with network access via
    multiple protocols can compromise MySQL Connectors. Can result in
    unauthorized update, insert or delete access to some of MySQL
    Connectors accessible data as well as unauthorized read access
    to a subset of MySQL Connectors accessible data.
  * CVE-2020-2934: Can result in unauthorized update, insert or
    delete access to some of MySQL Connectors accessible data as well
    as unauthorized read access to a subset of MySQL Connectors
    accessible data and unauthorized ability to cause a partial denial
    of service (partial DOS) of MySQL Connectors.
  * CVE-2020-2933: Allows high privileged attacker with network access
    via multiple protocols to compromise MySQL Connectors. Can result
    in unauthorized ability to cause a partial denial of service
    (partial DOS) of MySQL Connectors.
  * https://www.oracle.com/security-alerts/cpuapr2020verbose.html#MSQL
  * Add mysql-connector-java-CVE-2020-2875_CVE-2020-2933_CVE-2020-2934.patch

-------------------------------------------------------------------
Tue Oct  1 09:15:34 UTC 2019 - Fridrich Strba <fstrba@suse.com>

- Build against the new compatibility packages log4j12/log4j12-mini
- Clean the spec file by spec-cleaner

-------------------------------------------------------------------
Mon Nov  5 15:22:11 UTC 2018 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>

- Updated to 5.1.47
  - Bug#28449601, MASTER : UNITTEST FOR BUG#22305979 (TESTBUG22305979) STILL FAILS ON QA SETUP.
  - Bug#81063 (23098159), w/ rewriteBatchedStatements, when 2 tables involved, the rewriting not correct.
  - Bug#84813 (25501750), rewriteBatchedStatements fails in INSERT.
  - Fix for Bug#81196 (23227334), CONNECTOR/J NOT FOLLOWING DATABASE CHARACTER SET.
  - Bug#72609 (18749544), SETDATE() NOT USING A PROLEPTIC GREGORIAN CALENDAR.
  - Bug#87534 (26730196), UNION ALL query fails when useServerPrepStmts=true
    on database connection. Test case only. Base bug fixed in MySQL 5.7.22.
  - Bug#89948 (27658489), Batched statements are not committed for useLocalTransactionState=true.
  - BUG#80532 (22847443), ENCODING OF RESULTSET.UPDATEROW IS BROKEN FOR NON ASCII CHARCTERS.
  - BUG#22305979, WRONG RECORD UPDATED IF SENDFRACTIONALSECONDS=FALSE AND SMT IS SCROLLABLE.
  - BUG#90024 (27677574), SOME TESTS FAILED AGAINST MYSQL 8.0.5 BECAUSE OF DEPRECATED FEATURES REMOVAL.

- Updated to 5.1.46
  - WL#11629, Change caching_sha2_password padding.
  - Bug#86741 (26314325), Multi-Host connection with autocommit=0 getAutoCommit maybe wrong.
  - Bug#27231383, PROVIDE MAVEN-FRIENDLY COMMERCIAL PACKAGES WITHOUT "-BIN".
  - Bug#26819691, SETTING PACKETDEBUGBUFFERSIZE=0 RESULTS IN CONNECTION FAILURE.
  - WL#11200, Add caching_sha2_password support.
  - Bug#88227 (27029657), Connector/J 5.1.44 cannot be used against MySQL 5.7.20 without warnings.
  - Bug#27374581, CONNECTION FAILS WHEN GPL SERVER STARTED WITH TLS-VERSION=TLSV1.2.
  - Bug#79612 (22362474), CONNECTION ATTRIBUTES LOST WHEN CONNECTING WITHOUT DEFAULT DATABASE.

- Updated to 5.1.45
  - Bug#27131768, NULL POINTER EXCEPTION IN CONNECTION.
  - Bug#88232 (27047676), c/J does not rollback transaction when autoReconnect=true.
  - Bug#88242 (27040063), autoReconnect and socketTimeout JDBC option makes wrong order of client packet.
  - Bug#88021 (26939943), High GC pressure when driver configured with serversideprepared statements.
  - Bug#26724085, CHARSET MAPPING TO BE UPDATED FOR MYSQL 8.0.3.
  - Bug#26794652, TEST FAILING DUE TO BINARY LOGGING ENABLED BY DEFAULT IN MYSQL 8.0.3.
  - Bug#26794602, TESTS FAILING DUE TO CHANGE IN INFORMATION_SCHEMA.INNODB_SYS_* NAMING.
  - Bug#87704 (26771560), THE STREAM GETS THE RESULT SET ?THE DRIVER SIDE GET WRONG ABOUT GETLONG().

- Updated to 5.1.44
  - Bug#87429 (26633984), repeated close of ServerPreparedStatement causes memory leak.
  - Bug#87379 (26646676), Perform actual TLS capabilities check when restricting TLSv1.2.
  - Bug#85601 (25777822), Unit notation is missing in the description of the property involved in the time.
  - Bug#87153 (26501245), INCORRECT RESULT OF DBMD.GETVERSIONCOLUMNS() AGAINST MYSQL 8.0.2+.
  - Bug#26440544, CONNECTOR/J SHOULD NOT USE TX_{READ_ONLY,ISOLATION} WHICH IS PLANNED FOR REMOVAL.

- Rebased patch mysql-connector-java-jdbc-4.1.patch

-------------------------------------------------------------------
Fri Oct  6 08:13:05 UTC 2017 - fstrba@suse.com

- Fix build with jdk9
- Added patch:
  * mysql-connector-java-sourcetarget.patch
    + Don't hardcode java source and target levels; specify them
      on command-line.

-------------------------------------------------------------------
Fri Sep 29 06:45:22 UTC 2017 - fstrba@suse.com

- Don't condition the maven defines on release version, but on 
  _maven_repository being defined

-------------------------------------------------------------------
Sun Sep 10 13:49:02 UTC 2017 - fstrba@suse.com

- Require for building java-devel = 1.8.0, since this package needs
  a javac compiler able to build with source and target level 1.5

-------------------------------------------------------------------
Mon Aug 21 11:06:28 UTC 2017 - pmonrealgonzalez@suse.com

- Update to version 5.1.43
  * Fixed problems connecting to MYSQL 8.0.3.
  * Deprecating COM_SHUTDOWN
  * GETDATE(),GETTIME() AND GETTIMESTAMP() called with NULL
    calendar returs NPE
  * C/J 5.1 GIS tests are failing with MYSQL 8.0.1C/J 5.1 GIS
  * Updated time zone mappings with latest TZ databases
  * For a full list of fixed issues see CHANGES or:
    http://dev.mysql.com/doc/relnotes/connector-j/en/news-5-1.html

-------------------------------------------------------------------
Fri May 19 11:34:06 UTC 2017 - dziolkowski@suse.com

- New build dependency: javapackages-local
- cleaned spec using spec-cleaner

-------------------------------------------------------------------
Thu May 18 12:40:03 UTC 2017 - tchvatal@suse.com

- Hardcode requirement for java 1.8 or newer to build

-------------------------------------------------------------------
Thu May 18 11:55:03 UTC 2017 - tchvatal@suse.com

- Drop patch use-classpath-in-tests.patch
- Add patch disabling testsuite:
  * disable-testsuite.patch
- Drop patch extra-libs-build.patch:
  * Rather use the thing to propagate some wrongly found libs
- Drop patch no-jdk5-requirement.patch:
  * Simply override the value in ant command
- Add patch hibernate-check.patch to remove hibernate check
- Add patch compile-jdk7.patch to compile with old JDK versions

-------------------------------------------------------------------
Thu May 18 10:42:07 UTC 2017 - tchvatal@suse.com

- Version update to 5.1.42 bsc#1035210 bsc#1035697 bsc#1035211:
  * CVE-2017-3589 CVE-2017-3523 CVE-2017-3586 
  * http://dev.mysql.com/doc/relnotes/connector-j/en/news-5-1.html
- Remove upstreamed mysql-connector-java-5.1.35-CVE-2017-3523.patch
- Refresh patch extra-libs-build.patch
- Drop obsolete patch jdk6-check-use-jdk7.patch
- Refresh patch no-jdk5-requirement.patch
- Attempt to refresh mysql-connector-java-jdbc-4.1.patch
  * Partialy merged by upstream, many conflicts
- Add patch to relax compiler check:
  * javac-check.patch

-------------------------------------------------------------------
Tue May  2 15:20:16 UTC 2017 - pmonrealgonzalez@suse.com

- Fix for CVE-2017-3523 (bsc#1035697)
  * Unexpected automatic deserialisation of Java objects
  * Affected software: MySQL Connector/J
  * Remote Code Execution Vulnerability
- Added patch: mysql-connector-java-5.1.35-CVE-2017-3523.patch

-------------------------------------------------------------------
Thu Jun 11 15:11:55 UTC 2015 - tchvatal@suse.com

- Fix the patches to allow jdbc3 build and reenable it:
  * mysql-connector-java-jdbc-4.1.patch
  * no-jdk5-requirement.patch

-------------------------------------------------------------------
Tue Apr 21 15:22:44 UTC 2015 - tchvatal@suse.com

- Update to 5.1.35 (see CHANGES for full list of issues)
  bnc#927981 CVE-2015-2575:
  * http://dev.mysql.com/doc/relnotes/connector-j/en/news-5-1.html
- Remove not applicable patch:
  * mysql-connector-java-7-jdbc-4.1.patch
- Do not explicitely check for jdk6 but be happy with 7 and 8:
  * jdk6-check-use-jdk7.patch
- Do not require hibernate4 to actually build:
  * extra-libs-build.patch
- Do not build jdk5 depending jdbc3:
  * no-jdk5-requirement.patch
- Add and rebase jdbc4.1 patch:
  * mysql-connector-java-jdbc-4.1.patch
- Add new patch to build tests:
  * use-classpath-in-tests.patch

-------------------------------------------------------------------
Wed Mar 18 09:46:18 UTC 2015 - tchvatal@suse.com

- Fix build with new javapackages-tools

-------------------------------------------------------------------
Fri Jun 27 12:33:20 UTC 2014 - tchvatal@suse.com

- Cleanup with spec-cleaner
- Try to build on SLE_11

-------------------------------------------------------------------
Thu Sep 19 14:12:57 UTC 2013 - mvyskocil@suse.com

- update to 5.1.25 (see CHANGES for full list)
  * support for Connection Attributes when used with MySQL Server versions (5.6+).
  5.1.24
  * support of password expiration protocol. This introduces new boolean
    connection property disconnectOnExpiredPasswords.
  5.1.23
  * added support of password expiration protocol.
  * driver now allows the mechanism for caching MySQL server configuration
    values replaceable at runtime.
  * Connection.setReadOnly() will take advantage of server-side support for
    read-only transactions present in MySQL-5.6 and newer. Calling .isReadOnly()
    will incur a round-trip if useLocalSessionState.
  5.1.22
  * support of ON UPDATE CURRENT_TIMESTAMP for TIMESTAMP and DATETIME fields.
  5.1.21
  * new built-in authentication plugin
    com.mysql.jdbc.authentication.Sha256PasswordPlugin ("sha256_password").
  * Added new built-in authentication plugin
    com.mysql.jdbc.authentication.MysqlClearPasswordPlugin ("mysql_clear_password").
    It allows C/J based clients to connect to MySQL accounts.
  * the ability to add new client-side prepared statement parse info caches
  * implemented several JDBC-4.1 methods from Java-7:
  5.1.19:
  * Added support for pluggable authentication via the com.mysql.jdbc.AuthenticationPlugin
- rebase and rename mysql-connector-java-5.1.19-java7.patch to
  * mysql-connector-java-7-jdbc-4.1.patch

-------------------------------------------------------------------
Fri Sep 13 09:04:23 UTC 2013 - pgajdos@suse.com

- add jpackages-tools to buildrequires

-------------------------------------------------------------------
Fri Aug 23 09:48:13 UTC 2013 - mvyskocil@suse.com

- use add_maven_depmap provided by javapackages-tools

-------------------------------------------------------------------
Wed Jun 20 08:13:10 UTC 2012 - mvyskocil@suse.cz

- build require java-devel >= 1.6.0 as well

-------------------------------------------------------------------
Mon Jun 18 13:16:57 UTC 2012 - mvyskocil@suse.cz

- fix a build with jdk7 (build jdbc 3.0 with gcj)
- remove some obsoleted macros (gcj, jboss)
- remove jars from source file as well

-------------------------------------------------------------------
Fri May  4 12:48:41 UTC 2012 - mvyskocil@suse.cz

- remove the docs/ from source tarball due license issues

-------------------------------------------------------------------
Fri Apr 27 09:54:08 UTC 2012 - mvyskocil@suse.cz

- update to 5.1.19
  * plugable authentication via com.mysql.jdbc.AuthenticationPlugin
  * retrieve servet charset name using index
  * ability to determine if the connection is against server on the same host
  * added slf4j logging adapter
  * and many more features and bugfixes
- removed -javadoc patch and package
- add maven pom

-------------------------------------------------------------------
Thu Sep 11 10:23:35 CEST 2008 - anosek@suse.cz

- updated to version 5.1.6
  - introduces driver which conforms to the JDBC 4.0 specifications.
    However this was disabled because of missing dependencies
- dropped obsoleted patch (build_xml.patch)
- added patch (disableJDBC4.patch) taken from Debian

-------------------------------------------------------------------
Thu Aug  7 09:46:22 CEST 2008 - mvyskocil@suse.cz

- update to the 5.0.8 (improved spec from jpackage.org)
  - fix of [bnc#99151]
- added two new subpackages (javadoc and manual)
- removed the dependency on jboss4
- add a support for build with java6 and java5 together (ia64 build fix)
- use source="1.5" and target="1.5"

-------------------------------------------------------------------
Thu Jul 17 07:54:00 CEST 2008 - coolo@suse.de

- trying to avoid another build cycle

-------------------------------------------------------------------
Wed Sep 27 15:50:56 CEST 2006 - skh@suse.de

- don't use icecream
- use source="1.4" and target="1.4" for build with java 1.5

-------------------------------------------------------------------
Tue Feb  7 09:54:31 CET 2006 - jsmeix@suse.de

- Current version 3.1.12 from JPackage.org

-------------------------------------------------------------------
Wed Jan 25 21:47:09 CET 2006 - mls@suse.de

- converted neededforbuild to BuildRequires

-------------------------------------------------------------------
Thu Jul 28 16:49:05 CEST 2005 - jsmeix@suse.de

- Adjustments in the spec file.

-------------------------------------------------------------------
Mon Jul 18 16:52:27 CEST 2005 - jsmeix@suse.de

- Current version 3.1.8 from JPackage.org

-------------------------------------------------------------------
Fri Feb 18 18:03:35 CET 2005 - skh@suse.de

- update to version 3.1.6
- don't use icecream

-------------------------------------------------------------------
Thu Sep  2 18:26:14 CEST 2004 - skh@suse.de

- Initial package created with version 3.0.11 (JPackage 1.5)

Places

File mysql-connector-java.changes of Package mysql-connector-java.20655

Places