Re: Oracle MySQL Connectors (October 2024 CPU)
I appreciate the replies - however the additional language covering the CVEs and then the future updates to the CPU notices has caused them some consternation preventing closure of the finding. Would you please revise to something more concise like the following (I apologize they need the reply not just our interpretation of it)
Thank you
#################################################################################################
The next CPU should contain information about 8.0.40 receiving the same security updates as 9.1.0. From that moment on the information about 8.0.X will be included the future publications.
The patches included in ODBC Driver 8.0.40 cover the following CVE:
CVE-2024-5535
CVE-2024-21262
CVE-2023-45853
There is no separate patch for CVE-2024-6119 because as mentioned in the note on CPU page the patch for CVE-2024-5535 also addresses CVE-2024-6119
CVE-2024-21272 affects Connector/Python 9.0.0 and prior, no other version of this product are going to be mentioned.
Subject
Written By
Posted
November 20, 2024 09:48AM
November 24, 2024 07:58PM
November 24, 2024 08:09PM
Re: Oracle MySQL Connectors (October 2024 CPU)
November 27, 2024 06:44AM
November 28, 2024 12:11AM
Sorry, only registered users may post in this forum.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.