You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@spark.apache.org by GitBox <gi...@apache.org> on 2022/08/06 21:22:23 UTC

[GitHub] [spark] bjornjorgensen opened a new pull request, #37429: [SPARK-39999][BUILD] Replace `postgresql` 42.3.3 with 42.2.26

bjornjorgensen opened a new pull request, #37429:
URL: https://github.com/apache/spark/pull/37429

   ### What changes were proposed in this pull request?
   Replace `postgresql` 42.3.3 with 42.2.26
   
   
   ### Why are the changes needed?
   postgresql >= 42.3.0, < 42.4.1 is affected by [CVE-2022-31197](https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2) 
   
   Upgrade postgresql to 42.4.1 won't pass Github actions tests. 
   
   [42.2.26](https://github.com/pgjdbc/pgjdbc/commits/release/42.2) is a backport to fix this CVE
   
   ### Does this PR introduce _any_ user-facing change?
   No.
   
   
   
   ### How was this patch tested?
   Pass GA.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] bjornjorgensen closed pull request #37429: [SPARK-39999][BUILD] Replace `postgresql` 42.3.3 with 42.2.26

Posted by GitBox <gi...@apache.org>.

bjornjorgensen closed pull request #37429: [SPARK-39999][BUILD] Replace `postgresql` 42.3.3 with 42.2.26
URL: https://github.com/apache/spark/pull/37429


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] bjornjorgensen commented on pull request #37429: [SPARK-39999][BUILD] Replace `postgresql` 42.3.3 with 42.2.26

Posted by GitBox <gi...@apache.org>.

bjornjorgensen commented on PR #37429:
URL: https://github.com/apache/spark/pull/37429#issuecomment-1209417589

   Ok, thanks. I just closed this one. 
   The latest 42.4.1 won't pass Github actions tests. 
   "Last failure message: GSS Authentication failed. (DockerJDBCIntegrationSuite.scala:166)"


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] srowen commented on pull request #37429: [SPARK-39999][BUILD] Replace `postgresql` 42.3.3 with 42.2.26

Posted by GitBox <gi...@apache.org>.

srowen commented on PR #37429:
URL: https://github.com/apache/spark/pull/37429#issuecomment-1209384041

   Oh, this is a downgrade? hm, no I don't think we should do that _if_ there is no evident value to the change because the CVE won't affect Spark itself, just tests if anything


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins commented on pull request #37429: [SPARK-39999][BUILD] Replace `postgresql` 42.3.3 with 42.2.26

Posted by GitBox <gi...@apache.org>.

AmplabJenkins commented on PR #37429:
URL: https://github.com/apache/spark/pull/37429#issuecomment-1207386636

   Can one of the admins verify this patch?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org