You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "Apache Spark (Jira)" <ji...@apache.org> on 2022/08/06 21:25:00 UTC
[jira] [Assigned] (SPARK-39999) Replace postgresql 42.3.3 with 42.2.26
[ https://issues.apache.org/jira/browse/SPARK-39999?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Apache Spark reassigned SPARK-39999:
------------------------------------
Assignee: (was: Apache Spark)
> Replace postgresql 42.3.3 with 42.2.26
> --------------------------------------
>
> Key: SPARK-39999
> URL: https://issues.apache.org/jira/browse/SPARK-39999
> Project: Spark
> Issue Type: Dependency upgrade
> Components: Build
> Affects Versions: 3.4.0
> Reporter: Bjørn Jørgensen
> Priority: Major
>
> postgresql >= 42.3.0, < 42.4.1 is affected by [CVE-2022-31197|https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2]
> |
> Upgrade postgresql to 42.4.1 won't pass Github actions tests.
> [42.2.26|https://github.com/pgjdbc/pgjdbc/commits/release/42.2] is a backport to fix this CVE
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org