MySQL Forums
Forum List  »  Connector/ODBC

Re: Oracle MySQL Connectors (October 2024 CPU)
Posted by: Jarod Burris
Date: November 27, 2024 06:44AM

I appreciate the replies - however the additional language covering the CVEs and then the future updates to the CPU notices has caused them some consternation preventing closure of the finding. Would you please revise to something more concise like the following (I apologize they need the reply not just our interpretation of it)

Thank you

#################################################################################################

The next CPU should contain information about 8.0.40 receiving the same security updates as 9.1.0. From that moment on the information about 8.0.X will be included the future publications.

The patches included in ODBC Driver 8.0.40 cover the following CVE:

CVE-2024-5535
CVE-2024-21262
CVE-2023-45853

There is no separate patch for CVE-2024-6119 because as mentioned in the note on CPU page the patch for CVE-2024-5535 also addresses CVE-2024-6119

CVE-2024-21272 affects Connector/Python 9.0.0 and prior, no other version of this product are going to be mentioned.

Options: ReplyQuote


Subject
Written By
Posted
Re: Oracle MySQL Connectors (October 2024 CPU)
November 27, 2024 06:44AM


Sorry, only registered users may post in this forum.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.