[PLAT-16873][PLAT-16874][PLAT-16876] YBA security fixes

Summary: Upgraded several third party dependencies to fix security issues. 1. jinja2 3.1.5 2. postgresql 42.5.6 3. postgres 14.17 Test Plan: itest Reviewers: muthu, anijhawan Reviewed By: muthu Differential Revision: https://phorge.dev.yugabyte.com/D42324
yugabyte · Mar 6, 2025 · 74235bc · 74235bc
1 parent 651a45c
commit 74235bc
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 14 deletions.
diff --git a/managed/build.sbt b/managed/build.sbt
@@ -155,7 +155,7 @@ libraryDependencies ++= Seq(
   javaWs,
   filters,
   guice,
-  "org.postgresql" % "postgresql" % "42.3.9",
+  "org.postgresql" % "postgresql" % "42.5.6",
   "net.logstash.logback" % "logstash-logback-encoder" % "6.2",
   "ch.qos.logback" % "logback-classic" % "1.4.14",
   "org.codehaus.janino" % "janino" % "3.1.9",

diff --git a/managed/devops/python3_requirements.txt b/managed/devops/python3_requirements.txt
@@ -37,7 +37,7 @@ google-api-core==1.22.0
 google-auth==1.19.2
 grpcio==1.65.4
 grpcio-tools==1.65.4
-Jinja2==3.1.4
+Jinja2==3.1.5
 MarkupSafe==2.0.1
 mitogen==0.2.9
 msrestazure

diff --git a/managed/devops/python3_requirements_frozen.txt b/managed/devops/python3_requirements_frozen.txt
@@ -10,23 +10,23 @@ azure-mgmt-core==1.5.0
 azure-mgmt-network==19.3.0
 azure-mgmt-privatedns==1.0.0
 azure-mgmt-resource==19.0.0
-bcrypt==4.2.1
+bcrypt==4.3.0
 boto==2.49.0
 boto3==1.34.23
 botocore==1.34.23
 cachetools==4.2.4
-certifi==2024.8.30
+certifi==2025.1.31
 cffi==1.17.1
-charset-normalizer==3.4.0
-click==8.1.7
-cryptography==44.0.0
+charset-normalizer==3.4.1
+click==8.1.8
+cryptography==44.0.2
 deepdiff==5.5.0
 distro==1.5.0
 fabric==2.2.1
 geomet==0.2.1.post1
 google-api-core==1.22.0
 google-api-python-client==1.10.0
-googleapis-common-protos==1.66.0
+googleapis-common-protos==1.69.0
 google-auth==1.19.2
 google-auth-httplib2==0.2.0
 grpcio==1.65.4
@@ -35,7 +35,7 @@ httplib2==0.22.0
 idna==3.10
 invoke==1.7.3
 isodate==0.7.2
-Jinja2==3.1.4
+Jinja2==3.1.5
 jmespath==1.0.1
 MarkupSafe==2.0.1
 mitogen==0.2.9
@@ -48,7 +48,7 @@ oauthlib==3.2.2
 ordered-set==4.0.2
 packaging==24.2
 paramiko==3.4.0
-pip==24.3.1
+pip==25.0.1
 portalocker==2.10.1
 protobuf==5.26.1
 psycopg2==2.9.10
@@ -57,10 +57,10 @@ pyasn1_modules==0.4.1
 pycparser==2.22
 PyJWT==2.10.1
 PyNaCl==1.5.0
-pyparsing==3.2.0
+pyparsing==3.2.1
 python-dateutil==2.8.2
 python-ldap==3.4.4
-pytz==2024.2
+pytz==2025.1
 PyYAML==6.0.2
 requests==2.32.3
 requests-oauthlib==1.3.0

diff --git a/managed/yba-installer/Makefile b/managed/yba-installer/Makefile
@@ -38,8 +38,8 @@ PREREQS_DIR := ${TOP_BUILDDIR}/prereqs
 # Prometheus Version
 PROMETHEUS_VERSION ?= 3.1.0
 
-# https://github.com/yugabyte/yba-pg-build/releases/tag/2023-10-10-23-40
-POSTGRES_VERSION ?= 14.13
+# https://github.com/yugabyte/yba-pg-build/releases/tag/2025-03-05-17-09
+POSTGRES_VERSION ?= 14.17
 PG_BINARY_NAME ?= postgres-linux-${POSTGRES_VERSION}.tar.gz
 PG_BINARY_URL := https://s3.us-west-2.amazonaws.com/uploads.dev.yugabyte.com/yba-pg-build/${PG_BINARY_NAME}