Skip to content

fix: vulnerabilities in postgres jar CVE-2025-49146#2884

Merged
VietND96 merged 1 commit intoSeleniumHQ:trunkfrom
amardeep2006:patch-2
Jul 6, 2025
Merged

fix: vulnerabilities in postgres jar CVE-2025-49146#2884
VietND96 merged 1 commit intoSeleniumHQ:trunkfrom
amardeep2006:patch-2

Conversation

@amardeep2006
Copy link
Contributor

@amardeep2006 amardeep2006 commented Jul 5, 2025
edited by qodo-code-review bot
Loading

User description

Thanks for contributing to the Docker-Selenium project!
A PR well described will help maintainers to quickly review and merge it

Before submitting your PR, please check our contributing guidelines, applied for this repository.
Avoid large PRs, help reviewers by making them as simple and short as possible.

Description

fix CVE-2025-49146 in /external_jars/https/repo1.maven.org/maven2/org/postgresql/postgresql/42.7.5/postgresql-42.7.5.jar

Motivation and Context

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist

  • I have read the contributing document.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

PR Type

Bug fix

Description

  • Update PostgreSQL driver version from 42.7.5 to 42.7.7

  • Fix security vulnerability CVE-2025-49146

Changes diagram

flowchart LR
  A["PostgreSQL 42.7.5"] -- "Security Update" --> B["PostgreSQL 42.7.7"]
  B --> C["CVE-2025-49146 Fixed"]
Loading

Changes walkthrough 📝

Relevant files
Bug fix
Dockerfile
Update PostgreSQL driver version for security fix               

Base/Dockerfile

  • Update POSTGRESQL_VERSION argument from 42.7.5 to 42.7.7
  • Address security vulnerability in PostgreSQL driver
    		• +1/-1     
    Need help?
  • Type /help how to ... in the comments thread for any questions about Qodo Merge usage.
  • Check out the documentation for more information.
    •

    @amardeep2006
    fix: vulnerabilities in postgres jar CVE-2025-49146
    1dadaed 
    fix CVE-2025-49146 in /external_jars/https/repo1.maven.org/maven2/org/postgresql/postgresql/42.7.5/postgresql-42.7.5.jar
    @qodo-code-review
    Copy link
    Contributor

    qodo-code-review bot commented Jul 5, 2025

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    ⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ No major issues detected

    @qodo-code-review
    Copy link
    Contributor

    qodo-code-review bot commented Jul 5, 2025

    PR Code Suggestions ✨

    No code suggestions found for the PR.

    @amardeep2006 amardeep2006 mentioned this pull request Jul 5, 2025
    Closed
    @VietND96 VietND96 merged commit 25f57f1 into SeleniumHQ:trunk Jul 6, 2025
    1 check passed
    VietND96 pushed a commit to NDViet/docker-selenium that referenced this pull request Jul 25, 2025
    @amardeep2006 @VietND96
    fix: vulnerabilities in postgres jar CVE-2025-49146 (SeleniumHQ#2884)
    9fc7223 
    fix CVE-2025-49146 in /external_jars/https/repo1.maven.org/maven2/org/postgresql/postgresql/42.7.5/postgresql-42.7.5.jar
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Reviewers

    No reviews

    Assignees

    No one assigned

    Labels

    Review effort 1/5

    Projects

    None yet

    Milestone

    No milestone

    Development

    Successfully merging this pull request may close these issues.

    2 participants

    @amardeep2006 @VietND96