Your message dated Mon, 02 Jun 2025 00:19:03 +0000
with message-id <e1ulstl-006t3f...@fasolo.debian.org>
and subject line Bug#1103396: fixed in mysql-connector-python 9.3.0-1
has caused the Debian Bug report #1103396,
regarding rmysql-connector-python: CVE-2025-30714
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1103396: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103396
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mysql-connector-python
Version: 9.2.0-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,
The following vulnerability was published for mysql-connector-python.
CVE-2025-30714[0]:
| Vulnerability in the MySQL Connectors product of Oracle MySQL
| (component: Connector/Python). Supported versions that are affected
| are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low
| privileged attacker with network access via multiple protocols to
| compromise MySQL Connectors. Successful attacks require human
| interaction from a person other than the attacker. Successful
| attacks of this vulnerability can result in unauthorized access to
| critical data or complete access to all MySQL Connectors accessible
| data. CVSS 3.1 Base Score 4.8 (Confidentiality impacts). CVSS
| Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N).
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-30714
https://www.cve.org/CVERecord?id=CVE-2025-30714
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: mysql-connector-python
Source-Version: 9.3.0-1
Done: Daniel Leidert <dleid...@debian.org>
We believe that the bug you reported is fixed in the latest version of
mysql-connector-python, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1103...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Leidert <dleid...@debian.org> (supplier of updated
mysql-connector-python package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 02 Jun 2025 02:01:39 +0200
Source: mysql-connector-python
Architecture: source
Version: 9.3.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team <team+pyt...@tracker.debian.org>
Changed-By: Daniel Leidert <dleid...@debian.org>
Closes: 1103396
Changes:
mysql-connector-python (9.3.0-1) unstable; urgency=medium
.
* Team upload.
* New upstream release:
- Fixes CVE-2025-30714 (closes: #1103396).
Checksums-Sha1:
4cd12f9877cab6753ae8affd0e4ab05a9c1193f3 2186
mysql-connector-python_9.3.0-1.dsc
82a308d7615ca4e272ce9572c373aaad9c715249 16965209
mysql-connector-python_9.3.0.orig.tar.gz
eb759314d43068c783a9fb31804ed2e445bd990b 5824
mysql-connector-python_9.3.0-1.debian.tar.xz
6bad00c16d7040d54d65c6016091510e7ef5ccbd 8436
mysql-connector-python_9.3.0-1_amd64.buildinfo
Checksums-Sha256:
d6e53a543b0d3aedc40354eccee2c97b85222b3286aa30578ba08f959dd8c719 2186
mysql-connector-python_9.3.0-1.dsc
d9f6a858b1f144a440dd9d798d0b48c5cca2e8cdb23bcb935666f5f206adade7 16965209
mysql-connector-python_9.3.0.orig.tar.gz
a9aceb53e4b8b6152258367f1753c55703da028bffbd693f3903fd2fcc799a51 5824
mysql-connector-python_9.3.0-1.debian.tar.xz
ac555db2a8e005220c30b786dee9ae2e5421ff4f2cb112b2e83ca50408c0262f 8436
mysql-connector-python_9.3.0-1_amd64.buildinfo
Files:
068c5080fe7c00d7d82bf9f3ccc3ccb3 2186 python optional
mysql-connector-python_9.3.0-1.dsc
b054e1caacdedeb76060793683ff3fae 16965209 python optional
mysql-connector-python_9.3.0.orig.tar.gz
4902a197d38c322c43e8d0c1e3d2e751 5824 python optional
mysql-connector-python_9.3.0-1.debian.tar.xz
62ac27d3f39484fb890c255b5f783a7a 8436 python optional
mysql-connector-python_9.3.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEvu1N7VVEpMA+KD3HS80FZ8KW0F0FAmg86swACgkQS80FZ8KW
0F1QEA//aGp4xV8SAdPK+scgR/iE9oy4Jo3VKm4KQfJMCaKF/q9HLKTw5bpxII10
Or+SX34sCt2alTNoIbVB1jm4SjnwnsICTXVbwF2OiV0MXI0/OD32RTVKGjoh1evT
cA+5iOuWjuLRwMflebUrXmOJ3adoVSoH2nA2II4984hM8aRn5XZw8WJti8N+Ijam
49JVDZANcnGXuGPbAc4TDFrUA+EGxI3IqhP7539mmiLMtccwkegPDZawQ7NsWc1t
B/mcfyfIVXMu7FmNN5lz+Ft424djdBJ8CRVjZDTJ3xJoOFKMYrxETj/qf8bkkvsl
PHun5JAzlDp6E1nxSJwTEHg45nRcnpWHMmmju323DYypWOUz0zemja2n9xNHYwmB
OsyztNwjy2UK0VG8iRk0QBuxLL9Iv6PdrQDRwAorxMTuXxXSNb5YbPLCGrqSaJzQ
1xc4WfL03UR4Eqll8XD67a/QWkYLGNSMO8ZviNc9hWu+eoOf8SedUVodvdClj85D
nKl0PPuYxfCMqD6Mw1tgSsePrEbvDdzAjWOE828CynM9W1NySgRxF/BAmFxMS12P
lNdiXBWgqO1zrhXqnt8RoTWjQ6kFUNU2Z+Ry/mdzeKAFgukpFfNlTAJEkVgjIg7+
xjtnXZRqo0qrE4ZGfr5BIFJ0+ebIsTuMT4z8u2aH/MVBwrmh1hE=
=31qJ
-----END PGP SIGNATURE-----
pgpFus1u6zxUx.pgp
Description: PGP signature
--- End Message ---
