Update postgresql driver to 42.3.3 to resolve security vulnerability C…

…VE-2022-21724
Consensys · Mar 10, 2022 · b098379 · b098379
1 parent 8d019c4
commit b098379
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 21.10.6
+### Bugs Fixed
+- Updated to PostgreSQL JDBC driver to 42.3.3. Resolves a potential vulnerability CVE-2022-21724.
+
 ## 21.10.5
 ### Bugs Fixed
 - Updated to log4j 2.17.1. Resolves two potential vulnerabilities which are only exploitable when using custom log4j configurations that are either writable by untrusted users or log data from the `ThreadContext`.

diff --git a/gradle/versions.gradle b/gradle/versions.gradle
@@ -116,7 +116,7 @@ dependencyManagement {
     dependency 'com.azure:azure-identity:1.3.6'
 
     dependency 'com.zaxxer:HikariCP:3.4.5'
-    dependency 'org.postgresql:postgresql:42.2.20'
+    dependency 'org.postgresql:postgresql:42.3.3'
 
     dependencySet(group: 'org.jdbi', version: '3.14.4') {
       entry 'jdbi3-core'