From edbbce9981152eb8a5882998962b19ea84b9989d Mon Sep 17 00:00:00 2001
From: Ben Pirt <ben@pirt.co.uk>
Date: Thu, 29 Feb 2024 14:21:37 +0000
Subject: [PATCH] Upgrade the postgres lib to prevent CVE-2024-1597

---
 dependencies.gradle                    | 1 +
 postgres-external-storage/build.gradle | 2 +-
 postgres-persistence/build.gradle      | 2 +-
 server/build.gradle                    | 1 +
 4 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/dependencies.gradle b/dependencies.gradle
index 7a707e6fd..272458f46 100644
--- a/dependencies.gradle
+++ b/dependencies.gradle
@@ -32,6 +32,7 @@ ext {
     revGuava = '30.0-jre'
     revHamcrestAllMatchers = '1.8'
     revHealth = '1.1.4'
+    revPostgres = '42.7.2'
     revProtoBuf = '3.21.12'
     revJakartaAnnotation = '2.1.1'
     revJAXB = '4.0.1'
diff --git a/postgres-external-storage/build.gradle b/postgres-external-storage/build.gradle
index 9d103eca7..a429cc067 100644
--- a/postgres-external-storage/build.gradle
+++ b/postgres-external-storage/build.gradle
@@ -5,7 +5,7 @@ dependencies {
     compileOnly 'org.springframework.boot:spring-boot-starter'
     compileOnly 'org.springframework.boot:spring-boot-starter-web'
 
-    implementation 'org.postgresql:postgresql'
+    implementation "org.postgresql:postgresql:${revPostgres}"
     implementation 'org.springframework.boot:spring-boot-starter-jdbc'
     implementation 'org.flywaydb:flyway-core'
     implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:${revSpringDoc}"
diff --git a/postgres-persistence/build.gradle b/postgres-persistence/build.gradle
index acc925b51..a9f740b64 100644
--- a/postgres-persistence/build.gradle
+++ b/postgres-persistence/build.gradle
@@ -13,7 +13,7 @@ dependencies {
     implementation "com.fasterxml.jackson.core:jackson-core"
 
     implementation "org.apache.commons:commons-lang3"
-    implementation "org.postgresql:postgresql:42.3.8"
+    implementation "org.postgresql:postgresql:${revPostgres}"
     implementation "org.springframework.boot:spring-boot-starter-jdbc"
     implementation "org.flywaydb:flyway-core"
 
diff --git a/server/build.gradle b/server/build.gradle
index 072648028..09c0ce0c2 100644
--- a/server/build.gradle
+++ b/server/build.gradle
@@ -65,6 +65,7 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-log4j2'
     implementation 'org.apache.logging.log4j:log4j-web'
     implementation "redis.clients:jedis:${revJedis}"
+    implementation "org.postgresql:postgresql:${revPostgres}"
 
     implementation 'org.springframework.boot:spring-boot-starter-actuator'
     implementation ("io.orkes.queues:orkes-conductor-queues:${revOrkesQueues}") {