MySQL Forums
Forum List  »  Connector/ODBC

Re: MySQL ODBC Connector 8.0.37 vulnerability
Posted by: Bogdan Degtyariov
Date: October 20, 2024 06:38PM

According to the following list:

https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixMSQL

CVE-2023-6129 affects MySQL 8.0.36 and prior (Connector/ODBC 8.0.37 is based on libmysqlclient 8.0.37, so it is not affected).

NOTE: In the present situation it is not entirely correct to assume that 8.3 is newer than any 8.0.X. The version 8.3 is higher, but it is no longer being maintained.

The MySQL Server 8.0 and Connector/ODBC 8.0 are still released and they still receive security patches and have critical bugs fixed.

That is why I said 8.0.37 was not affected by CVE in question.

Please check this post:
https://forums.mysql.com/read.php?37,726673,726673#msg-726673

CVE-2023-22102 is probably a typo because I cannot find it in the above list.

Options: ReplyQuote


Subject
Written By
Posted
Re: MySQL ODBC Connector 8.0.37 vulnerability
October 20, 2024 06:38PM


Sorry, only registered users may post in this forum.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.