We are proud to announce the latest release of ProxySQL version 2.4.8
ProxySQL is a high performance, high availability, protocol aware proxy for MySQL, with a GPL license! It can be downloaded from the ProxySQL Repository (instructions here) or for a Docker image check out the Official ProxySQL Docker Repository. ProxySQL is freely usable and accessible according to the GNU GPL v3.0 license.
Release Overview Highlights
ProxySQL v2.4.8 is a patch release comprising of several security bug fixes. This release is the eight patch release of the 2.4 branch and includes minor and major fixes and improvements that were introduced in the 2.x branches after 2.4.0 was released.
Detailed release notes for ProxySQL 2.4.8 are available on the release page, a few new changes worth of mentioning are:
- Update OpenSSL to 3.0.8
- Fixed NULL dereference during PKCS7 data verification.
- Fixed X.400 address type confusion in X.509 GeneralName.
- Fixed NULL dereference validating DSA public key.
- Fixed Invalid pointer dereference in d2i_PKCS7 functions.
- Fixed Use-after-free following BIO_new_NDEF.
- Fixed Double free after calling PEM_read_bio_ex.
- Fixed Timing Oracle in RSA Decryption.
- Fixed X.509 Name Constraints Read Buffer Overflow.
- Fixed X.509 Policy Constraints Double Locking security issue.
A special thanks to all the people that report bugs: this makes each version of ProxySQL better than the previous. Please report any bugs or feature requests on the project’s Github issue tracker.
If you have any questions please do not hesitate to contact us. Our performance and scalability experts are readily available to evaluate the overall state of your database infrastructure and help to build a robust and reliable MySQL HA architecture.
We also offer consulting, long term support and training for ProxySQL & MySQL Environments