The PostgreSQL JDBC driver was reported to have a major vulnerability in versions lower than 42.3.2 (cf. https://jdbc.postgresql.org/).
This JDBC driver version 42.3.2 has been released on Feb. 1st 2022 and was upgraded on all the SIM (Simplicité Instance Manager) servers on Feb. 3rd 2022 and in all latests versions/branches’s Simplicité Docker images built after Feb. 3rd 2022 (ex: on the latest Simplicité 5.1.29 revision’s images).
Note: A newer version of this JDBC driver (42.3.3) has also been release and upgraded on the SIM servers and Docker images today.
If you are using a PostgreSQL database we recommend that you upgrade the JDBC driver as soon as possible :
- If you are using our Docker images you just need to verifiy that you are actually using an image built after Feb. 3rd 2022. If it is not the case, you should upgrade your container(s) with the latest image of the same major version/branch.
- If you are using a SIM server you just need to make sure your instances are up to date and force upgrade them if it is not the case.
- If you use any other kind of “manual” custom deployements, upgrade this driver following your appropriate deployment processes