Package: mysql-connector-net X-Debbugs-CC: t...@security.debian.org secure-testing-t...@lists.alioth.debian.org Severity: important Tags: grave Version: 6.4.3-2
Hi, the following vulnerability was published for mysql-connector-net. CVE-2018-2585[0]: | Vulnerability in the MySQL Connectors component of Oracle MySQL | (subcomponent: Connector/Net). Supported versions that are affected | are 6.9.9 and prior and 6.10.4 and prior. Easily exploitable | vulnerability allows unauthenticated attacker with network access via | multiple protocols to compromise MySQL Connectors. Successful attacks | of this vulnerability can result in unauthorized ability to cause a | hang or frequently repeatable crash (complete DOS) of MySQL | Connectors. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS | Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-2585 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2585 Please adjust the affected versions in the BTS as needed.