You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@druid.apache.org by GitBox <gi...@apache.org> on 2022/04/07 17:59:34 UTC

[GitHub] [druid] jihoonson opened a new pull request, #12410: Bump PostgreSQL JDBC driver to 42.3.3 (CVE-2022-21724)

jihoonson opened a new pull request, #12410:
URL: https://github.com/apache/druid/pull/12410

   ### Description
   
   Bump PostgreSQL JDBC driver to 42.3.3 that has a fix for https://nvd.nist.gov/vuln/detail/CVE-2022-21724. Druid seems safe from this vulnerability by default as the connection properties used in the attack are not allowed by default.
   
   <hr>
   
   <!-- Check the items by putting "x" in the brackets for the done things. Not all of these items apply to every PR. Remove the items which are not done or not relevant to the PR. None of the items from the checklist below are strictly necessary, but it would be very helpful if you at least self-review the PR. -->
   
   This PR has:
   - [x] been self-reviewed.
   - [x] added or updated version, license, or notice information in [licenses.yaml](https://github.com/apache/druid/blob/master/dev/license.md)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org

[GitHub] [druid] abhishekagarwal87 merged pull request #12410: Bump PostgreSQL JDBC driver to 42.3.3 (CVE-2022-21724)

Posted by GitBox <gi...@apache.org>.

abhishekagarwal87 merged PR #12410:
URL: https://github.com/apache/druid/pull/12410


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org