[dolphinscheduler] branch dev updated: There is a vulnerability in postgresql 42.1.4 , upgrade recommended #5292 (#5318)

chengshiwen Tue, 20 Apr 2021 00:04:43 -0700

This is an automated email from the ASF dual-hosted git repository.

chengshiwen pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/dolphinscheduler.git



The following commit(s) were added to refs/heads/dev by this push:
     new f82da57  There is a vulnerability in postgresql 42.1.4 ,upgrade 
recommended #5292 (#5318)
f82da57 is described below

commit f82da57277c825d4588a6a0654b7730d333a5b18
Author: didiaode18 <[email protected]>
AuthorDate: Tue Apr 20 15:04:29 2021 +0800

    There is a vulnerability in postgresql 42.1.4 ,upgrade recommended #5292 
(#5318)
    
    * There is a vulnerability in postgresql 42.1.4 ,upgrade recommended #5292
---
 dolphinscheduler-dist/release-docs/LICENSE | 2 +-
 pom.xml                                    | 2 +-
 tools/dependencies/known-dependencies.txt  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/dolphinscheduler-dist/release-docs/LICENSE 
b/dolphinscheduler-dist/release-docs/LICENSE
index eb73997..ae2af97 100644
--- a/dolphinscheduler-dist/release-docs/LICENSE
+++ b/dolphinscheduler-dist/release-docs/LICENSE
@@ -425,7 +425,7 @@ The text of each license is also included at 
licenses/LICENSE-[project].txt.
     jline 0.9.94: https://github.com/jline/jline3, BSD
     jsch 0.1.42: https://mvnrepository.com/artifact/com.jcraft/jsch/0.1.42, BSD
     leveldbjni-all 1.8: https://github.com/fusesource/leveldbjni, BSD-3-Clause
-    postgresql 42.1.4: 
https://mvnrepository.com/artifact/org.postgresql/postgresql/42.1.4, BSD 
2-clause
+    postgresql 42.2.5: 
https://mvnrepository.com/artifact/org.postgresql/postgresql/42.2.5, BSD 
2-clause
     protobuf-java 2.5.0: 
https://mvnrepository.com/artifact/com.google.protobuf/protobuf-java/2.5.0, BSD 
2-clause
     paranamer 2.3: 
https://mvnrepository.com/artifact/com.thoughtworks.paranamer/paranamer/2.3, BSD
     threetenbp 1.3.6: 
https://mvnrepository.com/artifact/org.threeten/threetenbp/1.3.6,  BSD 3-clause
diff --git a/pom.xml b/pom.xml
index 0dc651f..3be9733 100644
--- a/pom.xml
+++ b/pom.xml
@@ -89,7 +89,7 @@
         <javax.servlet.api.version>3.1.0</javax.servlet.api.version>
         <commons.collections4.version>4.1</commons.collections4.version>
         <guava.version>24.1-jre</guava.version>
-        <postgresql.version>42.1.4</postgresql.version>
+        <postgresql.version>42.2.5</postgresql.version>
         <hive.jdbc.version>2.1.0</hive.jdbc.version>
         <commons.io.version>2.4</commons.io.version>
         <oshi.core.version>3.9.1</oshi.core.version>
diff --git a/tools/dependencies/known-dependencies.txt 
b/tools/dependencies/known-dependencies.txt
index d403b16..14d1674 100755
--- a/tools/dependencies/known-dependencies.txt
+++ b/tools/dependencies/known-dependencies.txt
@@ -190,7 +190,7 @@ plexus-interpolation-1.14.jar
 plexus-sec-dispatcher-1.3.jar
 plexus-utils-2.0.6.jar
 poi-3.17.jar
-postgresql-42.1.4.jar
+postgresql-42.2.5.jar
 presto-jdbc-0.238.1.jar
 protobuf-java-2.5.0.jar
 protostuff-core-1.7.2.jar

[dolphinscheduler] branch dev updated: There is a vulnerability in postgresql 42.1.4 , upgrade recommended #5292 (#5318)

Reply via email to