I think there is a typo in the announcement. 42.2.8 is 4 year old, 42.2.28 was issued this night. That’s suspicious.
> Le 21 févr. 2024 à 09:24, Sandro Bonazzola <[email protected]> a écrit : > > I'm not an expert on this topic, but according engine's pom we are using > 42.2.27 which doesn't seem to be in the list of the affected version on > https://github.com/advisories/GHSA-xfg6-62px-cxc2 > > Il giorno mer 21 feb 2024 alle ore 09:09 Fabrice Bacchella via Users > <[email protected] <mailto:[email protected]>> ha scritto: >> Does oVirt is exposed to CVE-2024-1597 ? >> >> To be exposed, the jdbc driver needs to be used with PreferQueryMode=SIMPLE. >> Is that the situation ? >> _______________________________________________ >> Users mailing list -- [email protected] <mailto:[email protected]> >> To unsubscribe send an email to [email protected] >> <mailto:[email protected]> >> Privacy Statement: https://www.ovirt.org/privacy-policy.html >> oVirt Code of Conduct: >> https://www.ovirt.org/community/about/community-guidelines/ >> List Archives: >> https://lists.ovirt.org/archives/list/[email protected]/message/MORV4QFHRUUKWEWTXSLUWKADCF7YTYW6/ > > > -- > Sandro Bonazzola > MANAGER, SOFTWARE ENGINEERING > Red Hat In-Vehicle Operating System > Red Hat EMEA <https://www.redhat.com/> > <https://www.redhat.com/> > Red Hat respects your work life balance. Therefore there is no need to answer > this email out of your office hours. > >
_______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/U6RRN65LSS3NOMSR2LLT5QJAN3NNK2OA/
