[JRASERVER-73578] Upgrade PostgresSQL JDBC driver to 42.2.25+ version

Type: Suggestion
Resolution: Fixed
Fix Version/s: 8.22.2, 8.20.12, 8.13.25
Component/s: Security
Labels:

UIS:
1
Feedback Policy:

We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

Problem Definition

Jira 8.22.0 and lower versions have PostgresSQL driver version 42.2.23. This version has a vulnerability as described in: https://nvd.nist.gov/vuln/detail/CVE-2022-21724

Workaround

Upgrade driver manually , for example to 42.2.25

is cloned from

JRASERVER-72629 Upgrade PostgresSQL JDBC driver to 42.2.23+ version

Closed

mentioned in: Page Failed to load

Form Name

Security Metrics Bot made changes - 21/Feb/2025 3:04 PM

Labels

Original: database security security-imported

New: database resolved-in-vf security security-imported

Karol Skwierawski made changes - 21/Feb/2025 2:00 PM

Assignee

New: Karol Skwierawski [ 4e432536cf93 ]

Karol Skwierawski made changes - 21/Feb/2025 2:00 PM

Fix Version/s		New: 8.22.2 [ 99697 ]
Fix Version/s		New: 8.20.12 [ 101716 ]
Fix Version/s		New: 8.13.25 [ 102192 ]
Resolution		New: Fixed [ 1 ]
Status	Original: Gathering Interest [ 11772 ]	New: Closed [ 6 ]

Marcin Oles made changes - 20/Feb/2025 12:19 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 990304 ]

Jeremy R made changes - 06/Dec/2024 8:16 PM

Security

Original: Reporter and Atlassian Staff [ 10751 ]

Jeremy R made changes - 06/Dec/2024 8:16 PM

Labels

Original: database security security-imported shouldBePrivate

New: database security security-imported

Zaro made changes - 02/Dec/2024 1:52 PM

Labels	Original: database security security-imported	New: database security security-imported shouldBePrivate
Security		New: Reporter and Atlassian Staff [ 10751 ]

Mateusz Ostaszewski made changes - 24/Aug/2022 9:34 AM

Component/s	Original: Environment - Database [ 55604 ]
Component/s		New: Security [ 68109 ]

SET Analytics Bot made changes - 24/Jun/2022 2:37 AM

UIS

Original: 2

New: 1

SET Analytics Bot made changes - 16/Jun/2022 12:08 AM

UIS

Original: 3

New: 2

Assignee:: Karol Skwierawski

Reporter:: Eduard M

Votes:: 4 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 15/Mar/2022 10:14 AM

Updated:: 21/Feb/2025 3:04 PM

Resolved:: 21/Feb/2025 2:00 PM

Details

Description

Problem Definition

Suggested Solution

Workaround

Attachments

Issue Links

Forms

Activity

People

Dates