From a737eef06e5f6933d13f7f2753ad00af0b164949 Mon Sep 17 00:00:00 2001
From: Simon Dudley
Date: Fri, 5 Aug 2022 07:35:49 +0100
Subject: [PATCH] Upgrade postgres to 42.4.1 to fix CVE-2022-31197 (#621)

* Upgrade postgres to 42.4.1 to fix CVE-2022-31197
---
 CHANGELOG.md | 3 +++
 gradle/versions.gradle | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3d150ec93..18a56a394 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,9 @@
 - Introduced `--slashing-protection-db-health-check-interval-milliseconds` to specify the interval between slashing db health check procedures.
 - Updated Teku libraries version (support for Prater/Görli merge).
+### Bugs Fixed
+- Updated to PostgreSQL JDBC driver to 42.4.1. Resolves a potential vulnerability CVE-2022-31197.
+
 ## 22.7.0
 ### Features Added
 - Support register validator API endpoint [#577](https://github.com/ConsenSys/web3signer/issues/577)
diff --git a/gradle/versions.gradle b/gradle/versions.gradle
index 4fe6d3fae..e6d60f809 100644
--- a/gradle/versions.gradle
+++ b/gradle/versions.gradle
@@ -122,7 +122,7 @@ dependencyManagement {
 dependency 'com.azure:azure-identity:1.4.3'
 dependency 'com.zaxxer:HikariCP:3.4.5'
- dependency 'org.postgresql:postgresql:42.3.3'
+ dependency 'org.postgresql:postgresql:42.4.1'
 dependencySet(group: 'org.jdbi', version: '3.14.4') {
 entry 'jdbi3-core'