RHSA-2023:1815: Low: Red Hat Integration Debezium 2.1.4 security update
Debezium is a distributed platform that turns your existing databases into event streams, so applications can see and respond immediately to each row-level change in the databases.
Debezium is built on top of Apache Kafka and provides Kafka Connect compatible connectors that monitor specific database management systems. Debezium records the history of data changes in Kafka logs, from where your application consumes them. This makes it possible for your application to easily consume all of the events correctly and completely. Even if your application stops unexpectedly, it will not miss anything: when the application restarts, it will resume consuming the events where it left off.
Security Fix(es):
jdbc-postgresql: postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k (CVE-2022-41946)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Frequently Asked Questions
What is the severity of RHSA-2023:1815?
The severity of RHSA-2023:1815 is classified as low.
How do I fix RHSA-2023:1815?
To fix RHSA-2023:1815, it is recommended to update to the latest version of the affected Debezium components.
What software is affected by RHSA-2023:1815?
RHSA-2023:1815 affects the Debezium platform used for change data capture from existing databases.
What type of vulnerability is referenced in RHSA-2023:1815?
RHSA-2023:1815 addresses a security vulnerability in Debezium related to its integration with Apache Kafka.
Is there an exploit available for RHSA-2023:1815?
As of now, there has been no public disclosure of an exploit for RHSA-2023:1815.