File not found: fix-createTempFile-vulnerability-CVE-2022-41946.patch

postgresql-jdbc

Edit Package postgresql-jdbc
No description set
Refresh
Refresh
Source Files
Filename Size Changed
postgresql-42.7.2-jdbc-src.tar.gz 0001005874 982 KB
postgresql-jdbc.changes 0000004412 4.31 KB
postgresql-jdbc.spec 0000002099 2.05 KB
Latest Revision
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1153496 from Fridrich Strba's avatar Fridrich Strba (fstrba) (revision 7)
- Upgrade to upstream version 42.7.2
  * Security fix:
    + CVE-2024-1597 (bsc#1220644) postgresql vulnerable to SQL
      Injection via line comment generation
  * Other changes:
    + perf: avoid autoboxing bind indexes
    + add: Add PasswordUtil for encrypting passwords client side
    + refactor: document that encodePassword will zero out the
      password array, and remove driver's default encodePassword
    + change: Use simple query for isValid. Using Extended query
      sends two messages
- Removed patches:
  * CVE-2022-26520.patch
  * fix-SQL-Injection-CVE-2022-31197.patch
  * fix-createTempFile-vulnerability-CVE-2022-41946.patch
    + issues fixed by upstream before this version
Comments 0
openSUSE Build Service is sponsored by