jihoonson opened a new pull request, #12410: URL: https://github.com/apache/druid/pull/12410
### Description Bump PostgreSQL JDBC driver to 42.3.3 that has a fix for https://nvd.nist.gov/vuln/detail/CVE-2022-21724. Druid seems safe from this vulnerability by default as the connection properties used in the attack are not allowed by default. <hr> <!-- Check the items by putting "x" in the brackets for the done things. Not all of these items apply to every PR. Remove the items which are not done or not relevant to the PR. None of the items from the checklist below are strictly necessary, but it would be very helpful if you at least self-review the PR. --> This PR has: - [x] been self-reviewed. - [x] added or updated version, license, or notice information in [licenses.yaml](https://github.com/apache/druid/blob/master/dev/license.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
