Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[INLONG-5786][CVE] Bump postgresql from 42.3.4 to 42.4.1 to fix SQL Injection #5787

Merged
merged 2 commits into from
Sep 6, 2022

Conversation

dockerzhang
Copy link
Contributor

Prepare a Pull Request

(Change the title refer to the following example)

  • Title Example: [INLONG-XYZ][Component] Title of the pull request

(The following XYZ should be replaced by the actual GitHub Issue number)

Motivation

Explain here the context, and why you're making that change. What is the problem you're trying to solve?

Modifications

Describe the modifications you've done.

Verifying this change

(Please pick either of the following options)

  • This change is a trivial rework/code cleanup without any test coverage.

  • This change is already covered by existing tests, such as:
    (please describe tests)

  • This change added tests and can be verified as follows:

    (example:)

    • Added integration tests for end-to-end deployment with large payloads (10MB)
    • Extended integration test for recovery after broker failure

Documentation

  • Does this pull request introduce a new feature? (yes / no)
  • If yes, how is the feature documented? (not applicable / docs / JavaDocs / not documented)
  • If a feature is not applicable for documentation, explain why?
  • If a feature is not documented yet in this PR, please create a follow-up issue for adding the documentation

@dockerzhang dockerzhang merged commit 19ba176 into apache:master Sep 6, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Improve][CVE] PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
3 participants