Vulnerability in subDependency of postgressql:42.2.23

[DmitryFleisher]

The latest version of postgis bindings (2021.1.0) contains very vulnarable dependency. Can it be updated to major version? https://mvnrepository.com/artifact/net.postgis/postgis-jdbc/2021.1.0 Thank in advance!

[phillipross]

Yes, we'll be cutting a new release shortly 😉

[phillipross]

newly released version is based on postgresql jdbc v42.7.1 and should be in maven central shortly