I see that at https://cloud.google.com/sql/docs/mysql/release-notes MySQL 5.7.25 just became available, but that version is well over a year old, and there have been several CVEs fixed between 5.7.25 and the current version 5.7.30.
-- How come? is it:
a) Google Cloud SQL is just behind, and thus vulnerable to all those CVEs?
b) someone on the Google Cloud SQL team evaluated all those CVEs and decided they didn't apply to Google Cloud SQL?
c) is the Google Cloud team making a fork of the real MySQL 5.7.25 and patching it up with the fixes for those CVEs, without increasing the version number, the way the Ubuntu team does sometimes for their packages?
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/f8198538-2baa-4656-9ecc-833268077bef%40googlegroups.com.
No comments:
Post a Comment