[
https://issues.apache.org/jira/browse/NIFI-12827?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17819054#comment-17819054
]
ASF subversion and git services commented on NIFI-12827:
--------------------------------------------------------
Commit 47290eb39fa91fdba3b37f13d91eaa0e82911727 in nifi's branch
refs/heads/main from dependabot[bot]
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=47290eb39f ]
NIFI-12827 Upgraded PostgreSQL JDBC test driver from 42.7.1 to 42.7.2
This closes #8437
Signed-off-by: David Handermann <[email protected]>
> Upgrade PostgresSQL JDBC to 42.7.2
> ----------------------------------
>
> Key: NIFI-12827
> URL: https://issues.apache.org/jira/browse/NIFI-12827
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Major
> Fix For: 2.0.0, 1.26.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> The PostgreSQL JDBC Driver in versions prior to 42.7.2 is vulnerable to SQL
> injection using a non-default configuration property. The PostgreSQL JDBC
> Driver is not distributed in any NiFi components, it is only used as a
> dependency for integration tests, but it should be upgraded to avoid warnings
> related to CVE-2024-1597.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
