[
https://issues.apache.org/jira/browse/SPARK-39999?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bjørn Jørgensen updated SPARK-39999:
------------------------------------
Description:
postgresql >= 42.3.0, < 42.4.1 is affected by
[CVE-2022-31197|https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2]
|
Upgrade postgresql to 42.4.1 won't pass Github actions tests.
[42.2.26|https://github.com/pgjdbc/pgjdbc/commits/release/42.2] is a backport
to fix this CVE
was:
postgresql >= 42.3.0, < 42.4.1 is affected by [CVE-2022-31197
|https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2]
Upgrade postgresql to 42.4.1 won't pass Github actions tests.
[42.2.26|https://github.com/pgjdbc/pgjdbc/commits/release/42.2] is a backport
to fix this CVE
> Replace postgresql 42.3.3 with 42.2.26
> --------------------------------------
>
> Key: SPARK-39999
> URL: https://issues.apache.org/jira/browse/SPARK-39999
> Project: Spark
> Issue Type: Dependency upgrade
> Components: Build
> Affects Versions: 3.4.0
> Reporter: Bjørn Jørgensen
> Priority: Major
>
> postgresql >= 42.3.0, < 42.4.1 is affected by
> [CVE-2022-31197|https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2]
> |
> Upgrade postgresql to 42.4.1 won't pass Github actions tests.
> [42.2.26|https://github.com/pgjdbc/pgjdbc/commits/release/42.2] is a backport
> to fix this CVE
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
