Skip to content

fix(security): Upgrade mssql-jdbc to 12.10.2.jre8 #26534

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 6, 2025
Merged

fix(security): Upgrade mssql-jdbc to 12.10.2.jre8 #26534

merged 1 commit into from
Nov 6, 2025
+1 −1

Conversation

@ShahimSharafudeen
Copy link
Contributor

@ShahimSharafudeen ShahimSharafudeen commented Nov 5, 2025

Description

Upgrade mssql-jdbc to 12.10.2.jre8 to address CVE-2025-59250

Motivation and Context

Impact

Test Plan

Contributor checklist

  • Please make sure your submission complies with our contributing guide, in particular code style and commit standards.
  • PR description addresses the issue accurately and concisely. If the change is non-trivial, a GitHub Issue is referenced.
  • Documented new properties (with its default value), SQL syntax, functions, or other functionality.
  • If release notes are required, they follow the release notes guidelines.
  • Adequate tests were added if applicable.
  • CI passed.
  • If adding new dependencies, verified they have an OpenSSF Scorecard score of 5.0 or higher (or obtained explicit TSC approval for lower scores).

Release Notes

Please follow release notes guidelines and fill in the release notes below.

== RELEASE NOTES ==

Security Changes
* Upgrade mssql-jdbc to 12.10.2.jre8 to address `CVE-2025-59250 <https://github.com/advisories/GHSA-m494-w24q-6f7w>`_.

@prestodb-ci prestodb-ci added the from:IBM PR from IBM label Nov 5, 2025
@ShahimSharafudeen ShahimSharafudeen marked this pull request as ready for review November 5, 2025 08:48
@ShahimSharafudeen ShahimSharafudeen requested a review from a team as a code owner November 5, 2025 08:48
@prestodb-ci prestodb-ci requested review from a team, Joe-Abraham and ScrapCodes and removed request for a team November 5, 2025 08:48
Joe-Abraham
Joe-Abraham approved these changes Nov 5, 2025
View reviewed changes
Copy link
Contributor

@Joe-Abraham Joe-Abraham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @ShahimSharafudeen, LGTM

@Joe-Abraham
Copy link
Contributor

Joe-Abraham commented Nov 5, 2025

@ShahimSharafudeen, I believe we must close #26518 because the changes are already present.

hantangwangd
hantangwangd approved these changes Nov 6, 2025
View reviewed changes
Copy link
Member

@hantangwangd hantangwangd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @ShahimSharafudeen

@Joe-Abraham Joe-Abraham merged commit 1ea14b5 into prestodb:master Nov 6, 2025
113 of 115 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tdcmeehan tdcmeehan tdcmeehan approved these changes

@hantangwangd hantangwangd hantangwangd approved these changes

@Joe-Abraham Joe-Abraham Joe-Abraham approved these changes

@ScrapCodes ScrapCodes Awaiting requested review from ScrapCodes ScrapCodes was automatically assigned from prestodb/ibm-reviewers

Assignees

No one assigned

Labels

from:IBM PR from IBM

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@ShahimSharafudeen @Joe-Abraham @tdcmeehan @hantangwangd @prestodb-ci