Re: [PR] Bump org.postgresql:postgresql from 42.5.4 to 42.5.5 in /flink-autoscaler-plugin-jdbc [flink-kubernetes-operator]

[via GitHub]

dependabot[bot] commented on PR #780:
URL: 
https://github.com/apache/flink-kubernetes-operator/pull/780#issuecomment-1961616235

   OK, I won't notify you about version 42.x.x again, unless you re-open this 
PR.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump org.postgresql:postgresql from 42.5.4 to 42.5.5 in /flink-autoscaler-plugin-jdbc [flink-kubernetes-operator]

[via GitHub]

1996fanrui commented on PR #780:
URL: 
https://github.com/apache/flink-kubernetes-operator/pull/780#issuecomment-1961616134

   @dependabot ignore this major version


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump org.postgresql:postgresql from 42.5.4 to 42.5.5 in /flink-autoscaler-plugin-jdbc [flink-kubernetes-operator]

[via GitHub]

dependabot[bot] commented on PR #780:
URL: 
https://github.com/apache/flink-kubernetes-operator/pull/780#issuecomment-1961614279

   OK, I won't notify you again about this release, but will get in touch when 
a new version is available. If you'd rather skip all updates until the next 
major or minor version, let me know by commenting `@dependabot ignore this 
major version` or `@dependabot ignore this minor version`.
   
   If you change your mind, just re-open this PR and I'll resolve any conflicts 
on it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] Bump org.postgresql:postgresql from 42.5.4 to 42.5.5 in /flink-autoscaler-plugin-jdbc [flink-kubernetes-operator]

[via GitHub]

1996fanrui closed pull request #780: Bump org.postgresql:postgresql from 42.5.4 
to 42.5.5 in /flink-autoscaler-plugin-jdbc
URL: https://github.com/apache/flink-kubernetes-operator/pull/780


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[PR] Bump org.postgresql:postgresql from 42.5.4 to 42.5.5 in /flink-autoscaler-plugin-jdbc [flink-kubernetes-operator]

[via GitHub]

dependabot[bot] opened a new pull request, #780:
URL: https://github.com/apache/flink-kubernetes-operator/pull/780

   Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from 
42.5.4 to 42.5.5.
   
   Changelog
   Sourced from https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md;>org.postgresql:postgresql's
 changelog.
   
   Changelog
   Notable changes since version 42.0.0, read the complete https://jdbc.postgresql.org/documentation/changelog.html;>History of 
Changes.
   The format is based on http://keepachangelog.com/en/1.0.0/;>Keep 
a Changelog.
   [Unreleased]
   Changed
   Added
   Fixed
   [42.7.2] (2024-02-21 08:23:00 -0500)
   Security
   
   security: SQL Injection via line comment generation, it is possible in 
SimpleQuery mode to generate a line comment by having a 
placeholder for a numeric with a -
   such as -?. There must be second placeholder for a string 
immediately after. Setting the parameter to a -ve value creates a line comment.
   This has been fixed in this version fixes https://www.cve.org/CVERecord?id=CVE-2024-1597;>CVE-2024-1597. 
Reported by https://github.com/paul-gerste-sonarsource;>Paul 
Gerste. See the https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-24rp-q3w6-vc56;>security
 advisory for more details. This has been fixed in versions 42.7.2, 42.6.1 
42.5.5, 42.4.4, 42.3.9, 42.2.28.jre7. See the security advisory for work 
arounds.
   
   Changed
   
   fix: Use simple query for isValid. Using Extended query sends two 
messages checkConnectionQuery was never ever set or used, removed [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/3101;>#3101](https://redirect.github.com/pgjdbc/pgjdbc/pull/3101;>pgjdbc/pgjdbc#3101)
   perf: Avoid autoboxing bind indexes by https://github.com/bokken;>@​bokken in [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/1244;>#1244](https://redirect.github.com/pgjdbc/pgjdbc/pull/1244;>pgjdbc/pgjdbc#1244)
   refactor: Document that encodePassword will zero out the password array, 
and remove driver's default encodePassword by https://github.com/vlsi;>@​vlsi in [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/3084;>#3084](https://redirect.github.com/pgjdbc/pgjdbc/pull/3084;>pgjdbc/pgjdbc#3084)
   
   Added
   
   feat: Add PasswordUtil for encrypting passwords client side [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/3082;>#3082](https://redirect.github.com/pgjdbc/pgjdbc/pull/3082;>pgjdbc/pgjdbc#3082)
   
   [42.7.1] (2023-12-06 08:34:00 -0500)
   Changed
   
   perf: improve performance of PreparedStatement.setBlob, BlobInputStream, 
and BlobOutputStream with dynamic buffer sizing [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/3044;>#3044](https://redirect.github.com/pgjdbc/pgjdbc/pull/3044;>pgjdbc/pgjdbc#3044)
   
   Fixed
   
   fix: Apply connectTimeout before SSLSocket.startHandshake to avoid 
infinite wait in case the connection is broken [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/3040;>#3040](https://redirect.github.com/pgjdbc/pgjdbc/pull/3040;>pgjdbc/pgjdbc#3040)
   fix: support waffle-jna 2.x and 3.x by using reflective approach for 
ManagedSecBufferDesc [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/2720;>#2720](https://redirect.github.com/pgjdbc/pgjdbc/pull/2720;>pgjdbc/pgjdbc#2720)
 Fixes [Issue https://redirect.github.com/pgjdbc/pgjdbc/issues/2690;>#2690](https://redirect.github.com/pgjdbc/pgjdbc/issues/2720;>pgjdbc/pgjdbc#2720).
   fix: NoSuchMethodError on ByteBuffer#position When Running on Java 8  
when accessing arrays, fixes [Issue https://redirect.github.com/pgjdbc/pgjdbc/issues/3014;>#3014](https://redirect.github.com/pgjdbc/pgjdbc/issues/3014;>pgjdbc/pgjdbc#3014)
   Revert [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/2925;>#2925](https://redirect.github.com/pgjdbc/pgjdbc/pull/2925;>pgjdbc/pgjdbc#2925)
 Use canonical DateStyle name [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/3035;>#3035](https://redirect.github.com/pgjdbc/pgjdbc/pull/3035;>pgjdbc/pgjdbc#3035)
   Fixes  [Issue https://redirect.github.com/pgjdbc/pgjdbc/issues/3008;>#3008](https://redirect.github.com/pgjdbc/pgjdbc/issues/3008;>pgjdbc/pgjdbc#3008)
   Revert [PR #https://redirect.github.com/pgjdbc/pgjdbc/issues/2973;>#2973](https://redirect.github.com/pgjdbc/pgjdbc/pull/2973;>pgjdbc/pgjdbc#2973)
 feat: support SET statements combining with other queries with semicolon in 
PreparedStatement [PR https://redirect.github.com/pgjdbc/pgjdbc/issues/3010;>#3010](https://redirect.github.com/pgjdbc/pgjdbc/pull/3010;>pgjdbc/pgjdbc#3010)
   Fixes [Issue https://redirect.github.com/pgjdbc/pgjdbc/issues/3007;>#3007](https://redirect.github.com/pgjdbc/pgjdbc/issues/3007;>pgjdbc/pgjdbc#3007)
   fix: avoid timezone conversions when sending LocalDateTime to the 
database https://redirect.github.com/pgjdbc/pgjdbc/pull/3010;>#2852  Fixes 
[Issue https://redirect.github.com/pgjdbc/pgjdbc/issues/1390;>#1390](https://redirect.github.com/pgjdbc/pgjdbc/issues/1390;>pgjdbc/pgjdbc#1390)
   ,[Issue