Re: x86 ODBC Connector vulnerability
CVE-2023-3817 is OpenSSL vulnerability, which can be resolved by upgrading OpenSSL version. Affected OpenSSL:
- 1.0.2 up to 'zf'
- 1.1.1 up to 'u'
- 3.0.0 up to 3.0.10
- 3.1.0 up to 3.1.2.
The Connector/ODBC 8.0.37 is shipped with OpenSSL 3.0.13 and it is not affected.
CVE-2023-22102 is probably a typo because I cannot find it in the list:
https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixMSQL
CVE-2023-6129 affects MySQL 8.0.36 and prior (Connector/ODBC 8.0.37 is based on libmysqlclient 8.0.37, so it is not affected).
Subject
Written By
Posted
Re: x86 ODBC Connector vulnerability
October 03, 2024 11:00PM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.