I think there is a typo in the announcement. 42.2.8 is 4 year old, 42.2.28 was
issued this night. That’s suspicious.
> Le 21 févr. 2024 à 09:24, Sandro Bonazzola a écrit :
>
> I'm not an expert on this topic, but according engine's pom we are using
> 42.2.27 which doesn't seem to be in the list of the affected version on
> https://github.com/advisories/GHSA-xfg6-62px-cxc2
>
> Il giorno mer 21 feb 2024 alle ore 09:09 Fabrice Bacchella via Users
> mailto:users@ovirt.org>> ha scritto:
>> Does oVirt is exposed to CVE-2024-1597 ?
>>
>> To be exposed, the jdbc driver needs to be used with PreferQueryMode=SIMPLE.
>> Is that the situation ?
>> ___
>> Users mailing list -- users@ovirt.org <mailto:users@ovirt.org>
>> To unsubscribe send an email to users-le...@ovirt.org
>> <mailto:users-le...@ovirt.org>
>> Privacy Statement: https://www.ovirt.org/privacy-policy.html
>> oVirt Code of Conduct:
>> https://www.ovirt.org/community/about/community-guidelines/
>> List Archives:
>> https://lists.ovirt.org/archives/list/users@ovirt.org/message/MORV4QFHRUUKWEWTXSLUWKADCF7YTYW6/
>
>
> --
> Sandro Bonazzola
> MANAGER, SOFTWARE ENGINEERING
> Red Hat In-Vehicle Operating System
> Red Hat EMEA <https://www.redhat.com/>
> <https://www.redhat.com/>
> Red Hat respects your work life balance. Therefore there is no need to answer
> this email out of your office hours.
>
>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/U6RRN65LSS3NOMSR2LLT5QJAN3NNK2OA/