SUSE-SU-2017:2591-1

CVE-2017-3589: An unspecified vulnerability in MySQL Connector/J could have resulted in unauthorized update, insert or delete access to some of MySQL Connectors accessible data (bnc#1035210)
CVE-2017-3523: An unspecified vulnerability in MySQL Connector/J could have lead to takeover of MySQL Connectors (bnc#1035697)
CVE-2017-3586: An unspecified vulnerability in MySQL Connectors could have lead to unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data (bnc#1035211)

More infos are available at http://dev.mysql.com/doc/relnotes/connector-j/en/news-5-1.html

References

Affected packages

SUSE:Linux Enterprise Software Development Kit 12 SP2

mysql-connector-java

Name: mysql-connector-java
Purl: pkg:rpm/suse/mysql-connector-java&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.1.42-5.4.1

{
    "binaries": [
        {
            "mysql-connector-java": "5.1.42-5.4.1"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2591-1.json"

SUSE:Linux Enterprise Software Development Kit 12 SP3

mysql-connector-java

Name: mysql-connector-java
Purl: pkg:rpm/suse/mysql-connector-java&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.1.42-5.4.1

{
    "binaries": [
        {
            "mysql-connector-java": "5.1.42-5.4.1"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2591-1.json"