Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-22061

Upgrade Bamboo PostgreSQL JDBC Driver for CVE-2022-41946 Information Disclosure

      Problem

      Upgrade Bamboo PostgreSQL JDBC Driver  for CVE-2022-41946 Information Disclosure

      Steps to Reproduce

      Expected Results

      PostgreSQL JDBC Driver version 42.3.8+

      Actual Results

      PostgreSQL JDBC Driver version  <= 42.3.6

      Workaround

      Upgrade driver version at <BAMBOO_INSTALL>/lib folder to 42.3.8+ 

      https://jdbc.postgresql.org/changelogs/2022-11-23-42.5.1-release/ 

      1. Stop Bamboo
      2. Move the jar file <BAMBOO_INSTALL_DIR>/lib/postgresql-42.3.X.jar
      3. download the jar from https://jdbc.postgresql.org/download/postgresql-42.3.8.jar
      4. Copy the jar file to /<BAMBOO_INSTALL_DIR>/lib/.
      5. Start Bamboo
      6. Monitor the logs

       

      Notes

            [BAM-22061] Upgrade Bamboo PostgreSQL JDBC Driver for CVE-2022-41946 Information Disclosure

            There are no comments yet on this issue.

              achystoprudov Alexey Chystoprudov
              661435e617fd Vani
              Affected customers:
              0 This affects my team
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: