search

postgis / postgis-java

java bindings for postgis
145 stars 56 forks source link

Vulnerability in subDependency of postgressql:42.7.1 #133

Closed DmitryFleisher closed 1 month ago

DmitryFleisher commented 2 months ago

The latest version of postgis bindings (2023.1.0) contains very vulnerable dependency. Can it be updated to major version? https://mvnrepository.com/artifact/net.postgis/postgis-jdbc/2023.1.0 Thank in advance!

phillipross commented 1 month ago

resolve in release v2024.1.0