On 1/25/2023 3:16 PM, Eric Covener wrote:
I can't state this enough: this is a serious security threat. MySQL connections need TLS support
from APR. This isn't a "feature"; it is a "security" issue. We should all
care very deeply about this.
I think it is/can be both a feature and a
ature"; it is a
"security" issue. We should all care very deeply about this.
I'm asking that the next release of APR be held until this important fix
is merged in.
Thank you all very much for your time,
William Kimball, Jr. MBA, MSIS
ce and any guidance,
William Kimball, Jr., MBA, MSIS
On 1/21/2023 3:46 PM, Eric Covener wrote:
On Sat, Jan 21, 2023 at 4:21 PM William Kimball Jr.
wrote:
I'm sorry if this is not an appropriate thread to ask, but will this release
includehttps://bz.apache.org/bugzilla/show_bug.cgi?id=62342 (apr
, Eric Covener wrote:
On Sat, Jan 21, 2023 at 4:21 PM William Kimball Jr.
wrote:
I'm sorry if this is not an appropriate thread to ask, but will this release
includehttps://bz.apache.org/bugzilla/show_bug.cgi?id=62342 (apr_dbd_mysql Lacks TLS
Support )? I submitted that fix way back in 2018
I'm sorry if this is not an appropriate thread to ask, but will this
release include https://bz.apache.org/bugzilla/show_bug.cgi?id=62342
(apr_dbd_mysql Lacks TLS Support )? I submitted that fix way back in
2018 and I don't know how to tell whether it has "made it in".
On 1/20/2023 9:30 AM,
wants a release,
I'd love to take part in that other process.
Thanks for any consideration,
William Kimball Jr.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Speaking of suggestions, may I please suggest closing a glaring security
hole in apr_dbd_mysql, per
https://bz.apache.org/bugzilla/show_bug.cgi?id=62342? I have provided
diffs for 1.5 -- because my organization uses RHEL 7, which uses APR 1.5
-- and 2.0 -- because someone on this list
APR Developers,
Hello! I joined a little while back out of a need to add TLS
capabilities to apr_dbd_mysql
(https://bz.apache.org/bugzilla/show_bug.cgi?id=62342). In my
exuberance to contribute and solve this problem quickly -- I have
another project waiting for this fix -- I just cloned
