Uploaded image for project: 'OpenMRS Core'
  1. OpenMRS Core
  2. TRUNK-5356

Upgrade mysql:mysql-connector-java

    XMLWordPrintable

    Details

    • Type: Enhancement
    • Status: Closed
    • Priority: Should
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: Core 2.2.0
    • Component/s: None
    • Labels:
      None
    • Complexity:
      Low

      Description

      The mysql JDBC connector we ship is > 2 years old and has known vulnerabilities

      https://snyk.io/test/github/openmrs/openmrs-core?severity=high&severity=medium&severity=low#SNYK-JAVA-MYSQL-31580

      I suggest updating it to

      https://mvnrepository.com/artifact/mysql/mysql-connector-java/5.1.45

      see connector docs
      https://dev.mysql.com/doc/connector-j/5.1/en/connector-j-versions.html

      tested update against mysql docker images https://hub.docker.com/_/mysql/ of mysql versions:

      • 5.7.19
      • 5.6.39
      • 5.5.59

        Attachments

          Activity

            People

            Assignee:
            teleivo Ivo Ulrich
            Reporter:
            teleivo Ivo Ulrich
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: