Re: x86 ODBC Connector vulnerability
CVE-2023-3817 is OpenSSL vulnerability, which can be resolved by upgrading OpenSSL version. Affected OpenSSL:
- 1.0.2 up to 'zf'
- 1.1.1 up to 'u'
- 3.0.0 up to 3.0.10
- 3.1.0 up to 3.1.2.
The Connector/ODBC 8.0.37 is shipped with OpenSSL 3.0.13 and it is not affected.
CVE-2023-22102 is probably a typo because I cannot find it in the list:
https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixMSQL
CVE-2023-6129 affects MySQL 8.0.36 and prior (Connector/ODBC 8.0.37 is based on libmysqlclient 8.0.37, so it is not affected).
Subject
Written By
Posted
Re: x86 ODBC Connector vulnerability
October 03, 2024 11:00PM
Sorry, only registered users may post in this forum.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.