[jira] [Created] (SPARK-39999) Replace postgresql 42.3.3 with 42.2.26

Jira Sat, 06 Aug 2022 14:16:05 -0700

Bjørn Jørgensen created SPARK-39999:
---------------------------------------


             Summary: Replace postgresql 42.3.3 with 42.2.26
                 Key: SPARK-39999
                 URL: https://issues.apache.org/jira/browse/SPARK-39999
             Project: Spark
          Issue Type: Dependency upgrade
          Components: Build
    Affects Versions: 3.4.0
            Reporter: Bjørn Jørgensen


postgresql >= 42.3.0, < 42.4.1 is affected by [CVE-2022-31197
|https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2]

Upgrade postgresql to 42.4.1 won't pass Github actions tests. 

[42.2.26|https://github.com/pgjdbc/pgjdbc/commits/release/42.2] is a backport 
to fix this CVE






--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

[jira] [Created] (SPARK-39999) Replace postgresql 42.3.3 with 42.2.26

Reply via email to