commit mysql-connector-java for openSUSE:Factory
Hello community, here is the log from the commit of package mysql-connector-java for openSUSE:Factory checked in at 2017-05-06 18:24:51
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/mysql-connector-java (Old) and /work/SRC/openSUSE:Factory/.mysql-connector-java.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mysql-connector-java"
Sat May 6 18:24:51 2017 rev:25 rq:492576 version:5.1.35
Changes:
--------
--- /work/SRC/openSUSE:Factory/mysql-connector-java/mysql-connector-java.changes 2015-06-17 16:14:50.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.mysql-connector-java.new/mysql-connector-java.changes 2017-05-06 18:24:52.307693352 +0200
@@ -1,0 +2,9 @@
+Tue May 2 15:20:16 UTC 2017 - pmonrealgonzalez@suse.com
+
+- Fix for CVE-2017-3523 (bsc#1035697)
+ * Unexpected automatic deserialisation of Java objects
+ * Affected software: MySQL Connector/J
+ * Remote Code Execution Vulnerability
+- Added patch: mysql-connector-java-5.1.35-CVE-2017-3523.patch
+
+-------------------------------------------------------------------
New:
----
mysql-connector-java-5.1.35-CVE-2017-3523.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ mysql-connector-java.spec ++++++
--- /var/tmp/diff_new_pack.Wpm0dx/_old 2017-05-06 18:24:53.163572582 +0200
+++ /var/tmp/diff_new_pack.Wpm0dx/_new 2017-05-06 18:24:53.171571454 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package mysql-connector-java
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed 
@@ -37,6 +37,9 @@
 Patch3: mysql-connector-java-jdbc-4.1.patch
 # PATCH-FIX-UPSTREAM: do not lose classpath during tests build
 Patch4: use-classpath-in-tests.patch
+# PATCH_FIX-UPSTREAM: CVE-2017-3523 Oracle MySQL <=5.1.40 Connector/J
+# Remote Code Execution Vulnerability
+Patch5: mysql-connector-java-5.1.35-CVE-2017-3523.patch
 BuildRequires: ant
 BuildRequires: ant-contrib
 BuildRequires: apache-commons-logging
@@ -74,6 +77,7 @@
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 # dup
 rm -f README
++++++ mysql-connector-java-5.1.35-CVE-2017-3523.patch ++++++
--- mysql-connector-java-5.1.35.orig/src/com/mysql/jdbc/ResultSetImpl.java
+++ mysql-connector-java-5.1.35/src/com/mysql/jdbc/ResultSetImpl.java 
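Review bot: The tag on the new `Patch5` comment is spelled `# PATCH_FIX-UPSTREAM:` with an underscore, while the `Patch4` comment two lines above uses the hyphenated `# PATCH-FIX-UPSTREAM:`; the openSUSE patch-tagging convention is the hyphenated form, so the first added line should read `# PATCH-FIX-UPSTREAM: CVE-2017-3523 Oracle MySQL <=5.1.40 Connector/J`. It would also help future rebases to carry the bug reference here, not only in the changelog, e.g. appending `bsc#1035697` to that comment. The patch's origin is not stated in the spec; if it is a backport of the upstream change, naming the upstream version it came from in the comment would make that traceable.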
@@ -3436,27 +3436,26 @@ public class ResultSetImpl implements Re
 byte[] data = getBytes(columnIndex);
 Object obj = data;
- if ((data != null) && (data.length >= 2)) {
- if ((data[0] == -84) && (data[1] == -19)) {
- // Serialized object?
- try {
- ByteArrayInputStream bytesIn = new ByteArrayInputStream(data);
- ObjectInputStream objIn = new ObjectInputStream(bytesIn);
- obj = objIn.readObject();
- objIn.close();
- bytesIn.close();
- } catch (ClassNotFoundException cnfe) {
- throw SQLError.createSQLException(
- Messages.getString("ResultSet.Class_not_found___91") + cnfe.toString()
- + Messages.getString("ResultSet._while_reading_serialized_object_92"), getExceptionInterceptor());
- } catch (IOException ex) {
- obj = data; // not serialized?
+ if (this.connection.getAutoDeserialize()) {
+ if ((data != null) && (data.length >= 2)) {
+ if ((data[0] == -84) && (data[1] == -19)) {
+ // Serialized object?
+ try {
+ ByteArrayInputStream bytesIn = new ByteArrayInputStream(data);
+ ObjectInputStream objIn = new ObjectInputStream(bytesIn);
+ obj = objIn.readObject();
+ objIn.close();
+ bytesIn.close();
+ } catch (ClassNotFoundException cnfe) {
+ throw SQLError.createSQLException(Messages.getString("ResultSet.Class_not_found___91") + cnfe.toString()
+ + Messages.getString("ResultSet._while_reading_serialized_object_92"), getExceptionInterceptor());
+ } catch (IOException ex) {
+ obj = data; // not serialized?
+ }
 }
- }
-
- return obj.toString();
- }
-
+ return obj.toString();
+ }
+ }
 return extractStringFromNativeColumn(columnIndex, mysqlType);
 }
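Review bot: With `autoDeserialize` switched on, the new side still runs `new ObjectInputStream(bytesIn)` and `objIn.readObject()` on whatever bytes the server returned for the column, with no restriction on which classes may be resolved; the added `this.connection.getAutoDeserialize()` gate therefore removes the default exposure but leaves every user who enables the property open to the same CVE-2017-3523 path (a malicious or compromised server, or anyone who can write a 0xAC 0xED payload into a string column, still reaches gadget classes on the client classpath). The stream should only resolve the types the application actually stores, which can be done with a `resolveClass` override as sketched below — JDK 9's `ObjectInputFilter` is presumably unavailable to a 5.1-era driver; the override needs `java.io.ObjectStreamClass` and `java.io.InvalidClassException` in scope, and the allow-list lookup is for the maintainer to define. The property's javadoc should also state plainly that enabling it means trusting the server's column contents. As a smaller point, `objIn.close()` and `bytesIn.close()` run only on the success path; a `finally` would keep the stream handling uniform even though byte-array streams hold no native resource. The enclosing method starts before this hunk, so its name and signature are not visible here.
```java
// … unchanged: autoDeserialize gate, null/length and magic-byte checks …
ObjectInputStream objIn = new ObjectInputStream(bytesIn) {
    @Override
    protected Class<?> resolveClass(ObjectStreamClass desc) throws IOException, ClassNotFoundException {
        // Reject anything outside the application's allow-list before the class is loaded,
        // so a crafted column value cannot instantiate arbitrary classpath types.
        if (!isAllowedForAutoDeserialize(desc.getName())) {
            throw new InvalidClassException("Unauthorized deserialization attempt", desc.getName());
        }
        return super.resolveClass(desc);
    }
};
// … unchanged: readObject(), close() calls, catch blocks, return obj.toString() …
```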