Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Bump org.postgresql:postgresql from 42.3.8 to 42.3.9 in /server/api-service/lowcoder-plugins/postgresPlugin#778

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Open
dependabot wants to merge1 commit intomain
base:main
Choose a base branch
Loading
fromdependabot/maven/server/api-service/lowcoder-plugins/postgresPlugin/org.postgresql-postgresql-42.3.9

Conversation

dependabot[bot]
Copy link
Contributor

@dependabotdependabotbot commented on behalf ofgithubMar 27, 2024
edited
Loading

Bumpsorg.postgresql:postgresql from 42.3.8 to 42.3.9.

Changelog

Sourced fromorg.postgresql:postgresql's changelog.

Changelog

Notable changes since version 42.0.0, read the completeHistory of Changes.

The format is based onKeep a Changelog.

[Unreleased]

Changed

Added

Fixed

[42.7.3] (2024-04-14 14:51:00 -0400)

Changed

Fixed

  • fix: boolean types not handled in SimpleQuery mode [PR#3146](pgjdbc/pgjdbc#3146)
    • make sure we handle boolean types in simple query mode
    • support uuid as well
    • handle all well known types in text mode and changeelse if toswitch
  • fix: released new versions of 42.2.29, 42.3.10, 42.4.5, 42.5.6, 42.6.2 to deal withNoSuchMethodError on ByteBuffer#position when running on Java 8

[42.7.2] (2024-02-21 08:23:00 -0500)

Security

  • security: SQL Injection via line comment generation, it is possible inSimpleQuery mode to generate a line comment by having a placeholder for a numeric with a-such as-?. There must be second placeholder for a string immediately after. Setting the parameter to a -ve value creates a line comment.This has been fixed in this version fixesCVE-2024-1597. Reported byPaul Gerste. See thesecurity advisory for more details. This has been fixed in versions 42.7.2, 42.6.1 42.5.5, 42.4.4, 42.3.9, 42.2.28.jre7. See the security advisory for work arounds.

Changed

Added

[42.7.1] (2023-12-06 08:34:00 -0500)

Changed

  • perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing [PR#3044](pgjdbc/pgjdbc#3044)

Fixed

... (truncated)

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting@dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from theSecurity Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabotdependabotbot added DependenciesPull requests that update a dependency file javaPull requests that update Java code labelsMar 27, 2024
@netlifyNetlify
Copy link

netlifybot commentedMar 27, 2024
edited
Loading

Deploy Preview forlowcoder-cloud canceled.

NameLink
🔨 Latest commitaf5fa3a
🔍 Latest deploy loghttps://app.netlify.com/sites/lowcoder-cloud/deploys/680d0f9c2156e7000827c5e4

Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from 42.3.8 to 42.3.9.- [Release notes](https://github.com/pgjdbc/pgjdbc/releases)- [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md)- [Commits](pgjdbc/pgjdbc@REL42.3.8...REL42.3.9)---updated-dependencies:- dependency-name: org.postgresql:postgresql  dependency-type: direct:production...Signed-off-by: dependabot[bot] <support@github.com>
@ludomikulaludomikulaforce-pushed thedependabot/maven/server/api-service/lowcoder-plugins/postgresPlugin/org.postgresql-postgresql-42.3.9 branch from1562937 toaf5fa3aCompareApril 26, 2025 16:53
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
DependenciesPull requests that update a dependency filejavaPull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

0 participants
[8]ページ先頭
©2009-2025 Movatter.jp