Update to 42.4.1 to fix CVE-2022-31197

(cherry picked from commit 89a140c25adf435064e0dab095f5bf0331afbad8)
2022-08-09 15:39:54 +08:00 · 2022-08-09 15:39:54 +08:00 · 18912bc40a
commit 18912bc40a
parent f93a611a77
3 changed files with 18 additions and 1 deletions
--- a/postgresql-42.2.25-jdbc-src.tar.gz
+++ b/postgresql-42.2.25-jdbc-src.tar.gz
--- a/postgresql-42.4.1-jdbc-src.tar.gz
+++ b/postgresql-42.4.1-jdbc-src.tar.gz
--- a/postgresql-jdbc.spec
+++ b/postgresql-jdbc.spec
@ -1,6 +1,6 @@
 Name:		postgresql-jdbc
 Summary:	Postgresql JDBC Driver
-Version:	42.2.25
+Version:	42.4.1
 Release:	1
 License:	BSD
 URL:		http://jdbc.postgresql.org/
@ -10,6 +10,11 @@ Source0:        https://repo1.maven.org/maven2/org/postgresql/postgresql/%{versi
 BuildRequires:	maven-local java-comment-preprocessor properties-maven-plugin	classloader-leak-test-framework
 BuildRequires:	maven-enforcer-plugin maven-plugin-bundle maven-plugin-build-helper java-devel >= 1.8
 BuildRequires:	mvn(org.apache.maven.plugins:maven-clean-plugin) mvn(com.ongres.scram:client)
+BuildRequires:  mvn(org.apache.maven.surefire:surefire-junit-platform)
+BuildRequires:  mvn(org.junit.jupiter:junit-jupiter-api)
+BuildRequires:  mvn(org.junit.jupiter:junit-jupiter-engine)
+BuildRequires:  mvn(org.junit.jupiter:junit-jupiter-params)
+BuildRequires:  mvn(org.junit.vintage:junit-vintage-engine)

 Obsoletes:      %{name}-parent-poms < 42.2.2-2
 Provides:	pgjdbc = %version-%release
@ -41,6 +46,15 @@ find -type f \( -name "*.jar" -or -name "*.class" \) | xargs rm -f

 install -d pgjdbc/target/generated-sources/annotations

+%pom_remove_dep uk.org.webcompere:system-stubs-jupiter
+
+# remove tests that depend on the system-stubs-jupiter
+rm src/test/java/org/postgresql/test/jdbc2/DriverTest.java \
+   src/test/java/org/postgresql/util/OSUtilTest.java \
+   src/test/java/org/postgresql/util/PGPropertyPasswordParserTest.java \
+   src/test/java/org/postgresql/util/PGPropertyServiceParserTest.java \
+   src/test/java/org/postgresql/util/StubEnvironmentAndProperties.java
+
 %build
 opts="-f"
 %mvn_build $opts --  -DwaffleEnabled=false \
@ -64,6 +78,9 @@ find %{_buildrootdir} -name "%{name}.xml" | xargs sed -i '/pgjdbc-aggregate.pom<
 %doc README.md

 %changelog
+* Tue Aug 09 2022 yaoxin <yaoxin30@h-partners.com> - 42.4.1-1
+- Update to 42.4.1 to fix CVE-2022-31197
+
 * Wed Feb 16 2022 houyingchao <houyingchao@huawei.com> - 42.2.25-1
 - Upgrade to 42.2.25
 - Fix CVE-2022-21724