On Tue, Jun 09, 2020 at 12:05:33PM +0200, Sylvain Beucler wrote:
> Do you plan to send a DSA? I prepared the following text:
DSA has been released!
Cheers,
Moritz
On Tue, Jun 09, 2020 at 12:05:33PM +0200, Sylvain Beucler wrote:
> Do you plan to send a DSA?
Yeah, should go out tomorrow.
Cheers,
Moritz
Hi Security Team,
On 07/06/2020 09:44, Moritz Mühlenhoff wrote:
> On Fri, Jun 05, 2020 at 02:27:50PM +0200, Sylvain Beucler wrote:
>> On 05/06/2020 09:23, Sylvain Beucler wrote:
>> I finished testing and I prepared the upload accordingly:
>>
>> https://www.beuc.net/tmp/debian-lts/mysql-connector-j
Hi,
On 07/06/2020 10:48, Salvatore Bonaccorso wrote:
> On Fri, Jun 05, 2020 at 09:23:12AM +0200, Sylvain Beucler wrote:
> [...]
>> Hi Salvatore,
>>
>> On 04/06/2020 20:41, Salvatore Bonaccorso wrote:
>>> On Mon, May 25, 2020 at 07:47:56PM +0200, Moritz Mühlenhoff wrote:
On Mon, May 25, 2020 a
Hi Sylvain,
On Fri, Jun 05, 2020 at 09:23:12AM +0200, Sylvain Beucler wrote:
[...]
> Hi Salvatore,
>
> On 04/06/2020 20:41, Salvatore Bonaccorso wrote:
> > On Mon, May 25, 2020 at 07:47:56PM +0200, Moritz Mühlenhoff wrote:
> >> On Mon, May 25, 2020 at 10:22:50AM +0200, Sylvain Beucler wrote:
> >>
On Fri, Jun 05, 2020 at 02:27:50PM +0200, Sylvain Beucler wrote:
> Hi Security Team,
>
> On 05/06/2020 09:23, Sylvain Beucler wrote:
> > On 04/06/2020 20:41, Salvatore Bonaccorso wrote:
> >> On Mon, May 25, 2020 at 07:47:56PM +0200, Moritz Mühlenhoff wrote:
> >>> On Mon, May 25, 2020 at 10:22:50AM
Hi Security Team,
On 05/06/2020 09:23, Sylvain Beucler wrote:
> On 04/06/2020 20:41, Salvatore Bonaccorso wrote:
>> On Mon, May 25, 2020 at 07:47:56PM +0200, Moritz Mühlenhoff wrote:
>>> On Mon, May 25, 2020 at 10:22:50AM +0200, Sylvain Beucler wrote:
Hi Security Team,
What is your
Hi Salvatore,
On 04/06/2020 20:41, Salvatore Bonaccorso wrote:
> On Mon, May 25, 2020 at 07:47:56PM +0200, Moritz Mühlenhoff wrote:
>> On Mon, May 25, 2020 at 10:22:50AM +0200, Sylvain Beucler wrote:
>>> Hi Security Team,
>>>
>>> What is your view on updating mysql-connector-java 5.1.42->5.1.49 fo
hi,
On Mon, May 25, 2020 at 07:47:56PM +0200, Moritz Mühlenhoff wrote:
> On Mon, May 25, 2020 at 10:22:50AM +0200, Sylvain Beucler wrote:
> > Hi Security Team,
> >
> > What is your view on updating mysql-connector-java 5.1.42->5.1.49 for
> > Stretch?
>
> We can update to 5.1.49, yes. We've had t
On Mon, May 25, 2020 at 10:22:50AM +0200, Sylvain Beucler wrote:
> Hi Security Team,
>
> What is your view on updating mysql-connector-java 5.1.42->5.1.49 for
> Stretch?
We can update to 5.1.49, yes. We've had to update it to new 5.1.x
releases in the past and I don't remember any issues. The fac
Hi Security Team,
What is your view on updating mysql-connector-java 5.1.42->5.1.49 for
Stretch?
Would you need a complete debdiff specifically for Stretch to make a
decision, or do you already have feedback on this proposal?
Cheers!
Sylvain
On 11/05/2020 13:51, Sylvain Beucler wrote:
> On 08/0
Le 11/05/2020 à 13:51, Sylvain Beucler a écrit :
> Maybe Markus (as last uploader) or Emmanuel (former maintainer) have
> feedback on upgrading libmysql-connector-java to the latest stable
> dot-release 5.1.42->5.1.49?
The MySQL connector is rather stable and upgrading it is usually a safe
operat
Hi,
On 08/05/2020 11:39, Chris Lamb wrote:
>> The 3 recent vulnerabilities are an opportunity to refresh the package,
>> so as not to have too big of a diff should a more critical vulnerability
>> happen in the future.
>
> No objections in theory but I am finding it difficult to gauge the
> risk
Hi Sylvain et al.,
> The 3 recent vulnerabilities are an opportunity to refresh the package,
> so as not to have too big of a diff should a more critical vulnerability
> happen in the future.
No objections in theory but I am finding it difficult to gauge the
risk of introducing problems by refres
Hi,
Package mysql-connector-java is packaged in Debian up to stretch (and
was replaced with mariadb-connector-java starting with buster).
Consequently we need to provide security updates for a while longer.
Due to lack of disclosure from Oracle, we cannot identify (let alone
backport) the individ
15 matches
Mail list logo
