v42.7.2
Security
CVE-2024-1597 and Security Advisory addressed. The vulnerability occurs only in non-default preferQueryMode=simple
mode and only if a negative place holder -?
is used. See the security advisory for details
What's Changed
- perf: avoid autoboxing bind indexes by @bokken in #1244
- add: Add PasswordUtil for encrypting passwords client side by @sehrope in #3082
- refactor: document that encodePassword will zero out the password array, and remove driver's default encodePassword by @vlsi in #3084
- change: Use simple query for isValid. Using Extended query sends two messages by @davecramer in #3101
Full Changelog: REL42.7.1...REL42.7.2