Skip to content

Commit

Permalink
629 no support for the mysql connector python library in version 900 (#…
Browse files Browse the repository at this point in the history
…688)

* Update import for MySQL connector
* Unpin mysql-connector-python version
* Pin mysql-connector-python to >=9.1.0 for CVE-2024-21272

Co-authored-by: dtrai2 <[email protected]>

* Update changelog

---------

Co-authored-by: dtrai2 <[email protected]>
  • Loading branch information
ppcad and dtrai2 authored Oct 28, 2024
1 parent 431ab54 commit 499ff55
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 2 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@
* ensure `logprep.abc.Component.Config` is immutable and can be applied multiple times
* remove lost callback reassign behavior from `kafka_input` connector
* remove manual commit option from `kafka_input` connector
* pin `mysql-connector-python` to >=9.1.0 to accommodate for CVE-2024-21272 and update `MySQLConnector` to work with the new version

## 13.1.2
### Bugfix
Expand Down
2 changes: 1 addition & 1 deletion logprep/processor/generic_adder/mysql_connector.py
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ class MySQLConnector:
_last_table_checksum: Optional[int]
"""Checksum of the database table that was obtained on the last update check"""

_cursor: mysql.connector.connection.CursorBase
_cursor: mysql.connector.connection.MySQLCursor

def __init__(self, sql_config: dict):
"""Initialize the MySQLConnector.
Expand Down
2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ dependencies = [
"jsonref",
"luqum",
"more-itertools==8.10.0",
"mysql-connector-python<9",
"mysql-connector-python>=9.1.0", # CVE-2024-21272
"numpy>=1.26.0",
"opensearch-py",
"prometheus_client",
Expand Down

0 comments on commit 499ff55

Please sign in to comment.