PostgreSQL JDBC Driver 42.5.1 Released

security: StreamWrapper spills to disk if setText, or setBytea sends very large Strings or arrays to the server. createTempFile creates a file which can be read by other users on unix like systems (Not macos).
This has been fixed in this version fixes CVE-2022-41946 see the security advisory for more details.
Reported by Jonathan Leitschuh
This has been fixed in versions 42.5.1, 42.4.3 42.3.8, 42.2.27.jre7.
Note there is no fix for 42.2.26.jre6. See the security advisory for work arounds.

fix: make sure we select array_in from pg_catalog to avoid duplicate array_in functions fixes #Issue 2548 PR #2552
fix: binary decoding of bool values PR #2640
perf: improve performance of PgResultSet getByte/getShort/getInt/getLong for float-typed columns PR #2634
chore: fix various spelling errors PR #2592
chore: Feature/urlparser improve URLParser PR #2641

Commits by author

Dave Cramer (13):

Update README.md PR 2609
Ignore simplequery for postgresql 8.4 PR 2614
Single commit to move newdocs into master PR 2618
update versions PR 2619
fix grammar, fix downloads, minor edits PR 2626
fix: make sure we select array_in from pg_catalog to avoid duplicate array_in functions fixes #Issue 2548 PR 2552
clarify prepared statement usage PR 2629
fix maven coordinates PR 2631
remove javadoc links for java 17 and above PR 2637
revert change to PGProperty.get() to keep the API the same PR 2644
exclude ArrayTest versions less than 9.1 PR 2645

Evgeniy Devyatykh (1):

perf: improve performance of PgResultSet getByte/getShort/getInt/getLong for float-typed columns PR 2634

Josh Soref (1):

Kevin222004 (1):

Knut Olav Løite (1):

Marek Läll (1):

Vladimir Sitnikov (4):

docs: clarify we ship security fixes by default for the latest 42.x and 42.2 only PR 2586

μtkarsh (1):