close

Filter

Release Notes / Version 10.2107
Table Of Contents

The mysql-connector-java Java library has been updated to version 8.0.28 to avoid security vulnerability CVE-2022-21363 of the previous version. Note, that the updated version of mysql-connector-java also dropped support for deprecated TLSv1 and TLSv1.1 connection protocols and requires using more-secure TLSv1.2 or TLSv1.3 protocols.

For details, see the release notes of the mysql-connector-java driver in https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/news-8-0-28.html .

The MySQL Server has to support at least TLSv1.2 when using the new driver version. Note, that the official docker image for the community edition of MySQL 5.7 doesn't currently support that, see https://github.com/docker-library/mysql/issues/567 . If you are using that image with SSL enabled, you will have to adapt your setup, or revert the update of the driver in shared/common/modules/shared/database-drivers/pom.xml . You could also think about updating to MySQL 8, which is also still supported for the next major release CMCC 11.

(CMS-21104)

Was this article useful?

Search Results

Table Of Contents