You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@spark.apache.org by "Apache Spark (Jira)" <ji...@apache.org> on 2022/08/06 21:25:00 UTC

[jira] [Assigned] (SPARK-39999) Replace postgresql 42.3.3 with 42.2.26

     [ https://issues.apache.org/jira/browse/SPARK-39999?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Apache Spark reassigned SPARK-39999:
------------------------------------

    Assignee:     (was: Apache Spark)

> Replace postgresql 42.3.3 with 42.2.26
> --------------------------------------
>
>                 Key: SPARK-39999
>                 URL: https://issues.apache.org/jira/browse/SPARK-39999
>             Project: Spark
>          Issue Type: Dependency upgrade
>          Components: Build
>    Affects Versions: 3.4.0
>            Reporter: Bjørn Jørgensen
>            Priority: Major
>
> postgresql >= 42.3.0, < 42.4.1 is affected by [CVE-2022-31197|https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2]
> |
> Upgrade postgresql to 42.4.1 won't pass Github actions tests. 
> [42.2.26|https://github.com/pgjdbc/pgjdbc/commits/release/42.2] is a backport to fix this CVE



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org