Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-30882

Upgrade PostgreSQL JDBC driver to version 42.2.25

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 10.10
    • Fix Version/s: 10.10-HF59
    • Component/s: Security
    • Release Notes Summary:
      PostgreSQL JDBC driver is upgraded to version 42.2.25
    • Tags:
    • Backlog priority:
      1,000

      Description

      Current versions (42.2.5 and 42.2.18) are exposed to a known CVE : CVE-2022-21724

      The recommendation is to upgrade org.postgresql:postgresql to version 42.2.25, 42.3.2 or higher

      https://security.snyk.io/vuln/SNYK-JAVA-ORGPOSTGRESQL-2390459

        Attachments

          Issue Links

          is related to

          Task - A task that needs to be done. NXP-30887 Upgrade PostgreSQL JDBC driver to version 42.3.3

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 15 minutes
                  15m