Package: jclic
Version: 0.3.2.8-1
Severity: important
Tags: patch
Hello,
we would like to remove libmysql-java from Debian because it is
frequently affected by security vulnerabilities which are not fully
disclosed. This makes it hard to determine the impact of such a flaw.[1]
However we also have libmariadb-java which is a drop-in replacement
and upstream is more transparent about security issues.
Please find attached a patch that make the necessary changes to
the Debian packaging.
Regards,
Markus
[1] https://bugs.debian.org/912916
>From f1c646fd6280c187da8646c5ebe0183692e61fa1 Mon Sep 17 00:00:00 2001
From: Markus Koschany <a...@debian.org>
Date: Fri, 9 Nov 2018 18:32:31 +0100
Subject: [PATCH] Switch from libmysql-java to libmariadb-java.
---
debian/changelog | 7 +++
debian/control | 2 +-
debian/patches/mariadb.patch | 82 ++++++++++++++++++++++++++++++++++++
debian/patches/series | 1 +
4 files changed, 91 insertions(+), 1 deletion(-)
create mode 100644 debian/patches/mariadb.patch
diff --git a/debian/changelog b/debian/changelog
index ba5cbe7..1cf3a74 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+jclic (0.3.2.8-1.1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * Switch from libmysql-java to libmariadb-java.
+
+ -- Markus Koschany <a...@debian.org> Fri, 09 Nov 2018 18:32:47 +0100
+
jclic (0.3.2.8-1) unstable; urgency=medium
* New upstream version
diff --git a/debian/control b/debian/control
index 71e381f..ad05b4e 100644
--- a/debian/control
+++ b/debian/control
@@ -10,7 +10,7 @@ Standards-Version: 4.1.3.0
Package: jclic
Architecture: all
Depends: ${misc:Depends}, default-jre | java7-runtime
-Recommends: libmysql-java, firefox
+Recommends: libmariadb-java, firefox
Suggests: fonts-liberation | ttf-mscorefonts-installer
Description: Tool for the development & use of multimedia educational
activities
JClic is formed by a set of computer applications that are used for
diff --git a/debian/patches/mariadb.patch b/debian/patches/mariadb.patch
new file mode 100644
index 0000000..982ab35
--- /dev/null
+++ b/debian/patches/mariadb.patch
@@ -0,0 +1,82 @@
+From: Markus Koschany <a...@debian.org>
+Date: Fri, 9 Nov 2018 18:31:17 +0100
+Subject: mariadb
+
+---
+ dist/linux/man/jclicreports.1 | 2 +-
+ dist/reports/jclicReports.properties | 4 ++--
+ extensions/dbconn/config.properties | 2 +-
+ src/report/jclicReports.properties | 2 +-
+ src/report/reportServlets/edu/xtec/jclic/jclicReports.properties | 2 +-
+ 5 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/dist/linux/man/jclicreports.1 b/dist/linux/man/jclicreports.1
+index 5f11fcb..e1b876f 100644
+--- a/dist/linux/man/jclicreports.1
++++ b/dist/linux/man/jclicreports.1
+@@ -106,7 +106,7 @@ for first time.
+ .TP
+ .B dbServer jdbc\:mysql\://localhost/JClicReports
+ .TP
+-.B dbDriver com.mysql.jdbc.Driver
++.B dbDriver org.mariadb.jdbc.Driver
+ .TP
+ .B dbLogin root
+ .TP
+diff --git a/dist/reports/jclicReports.properties
b/dist/reports/jclicReports.properties
+index 0d3bd84..e7bcd7c 100644
+--- a/dist/reports/jclicReports.properties
++++ b/dist/reports/jclicReports.properties
+@@ -6,11 +6,11 @@
+ # Name of the JDBC driver
+ #--------------------------------------------------------------------------
+ # Examples: ODBC: sun.jdbc.odbc.JdbcOdbcDriver
+-# MySQL: com.mysql.jdbc.Driver
++# MySQL: org.mariadb.jdbc.Driver
+ # PointBase: com.pointbase.jdbc.jdbcUniversalDriver
+ # Oracle: oracle.jdbc.driver.OracleDriver
+ #--------------------------------------------------------------------------
+-dbDriver=com.mysql.jdbc.Driver
++dbDriver=org.mariadb.jdbc.Driver
+
+ #--------------------------------------------------------------------------
+ # URL of the the database
+diff --git a/extensions/dbconn/config.properties
b/extensions/dbconn/config.properties
+index 7c30a6c..ed937c3 100644
+--- a/extensions/dbconn/config.properties
++++ b/extensions/dbconn/config.properties
+@@ -2,7 +2,7 @@
+ #ODBC: sun.jdbc.odbc.JdbcOdbcDriver
+ #PointBase: com.pointbase.jdbc.jdbcUniversalDriver
+ #Oracle: oracle.jdbc.driver.OracleDriver
+-#MySQL: com.mysql.jdbc.Driver
++#MySQL: org.mariadb.jdbc.Driver
+ #JNDI datasource lookup: JNDI
+ dbDriver=oracle.jdbc.driver.OracleDriver
+
+diff --git a/src/report/jclicReports.properties
b/src/report/jclicReports.properties
+index 8570f10..532314c 100644
+--- a/src/report/jclicReports.properties
++++ b/src/report/jclicReports.properties
+@@ -6,7 +6,7 @@
+ # Name of the JDBC driver
+ #--------------------------------------------------------------------------
+ # Examples: ODBC: sun.jdbc.odbc.JdbcOdbcDriver
+-# MySQL: com.mysql.jdbc.Driver
++# MySQL: org.mariadb.jdbc.Driver
+ # PointBase: com.pointbase.jdbc.jdbcUniversalDriver
+ # Oracle: oracle.jdbc.driver.OracleDriver
+ #--------------------------------------------------------------------------
+diff --git a/src/report/reportServlets/edu/xtec/jclic/jclicReports.properties
b/src/report/reportServlets/edu/xtec/jclic/jclicReports.properties
+index 2a9e32c..330cabf 100644
+--- a/src/report/reportServlets/edu/xtec/jclic/jclicReports.properties
++++ b/src/report/reportServlets/edu/xtec/jclic/jclicReports.properties
+@@ -6,7 +6,7 @@
+ # Name of the JDBC driver
+ #--------------------------------------------------------------------------
+ # Examples: ODBC: sun.jdbc.odbc.JdbcOdbcDriver
+-# MySQL: com.mysql.jdbc.Driver
++# MySQL: org.mariadb.jdbc.Driver
+ # PointBase: com.pointbase.jdbc.jdbcUniversalDriver
+ # Oracle: oracle.jdbc.driver.OracleDriver
+ #--------------------------------------------------------------------------
diff --git a/debian/patches/series b/debian/patches/series
index 3ecf17f..4028367 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
java9-compatibility.patch
+mariadb.patch
--
2.19.1
