Vulnerability in PostgreSQL 12.13
search cancel

Vulnerability in PostgreSQL 12.13

book

Article ID: 398219

calendar_today

Updated On:

Products

CA Identity Suite

Issue/Introduction

In our Vulnerability scan, we noticed a vulnerability for Jasper Report 8.2.0.

We need your help to upgrade the Postgre sql from 12.13 to 12.18. 

This is what Nessus says.

  1. PostgreSQL 12.x < 12.18 / 13.x < 13.14 / 14.x < 14.11 / 15.x < 15.6 SQL Injection

D:\Program Files\PostgreSQL\12\n  Installed version : 12.13\n  Fixed version : 12.18

Resolution

Broadcom Identity Suite does not provide vulnerability remediation support for PostgresSQL 12.13.

Please contact your TIBCO and/or Postgres vendor for assistance.

Please see Additional Information, below.

Additional Information

PostgresSQL has never been shipped or included in our distribution of Jasper Report Server 8.1 or 8.2.

It was last included with 7.1.1, but only with Postegresql 9.6, according to the platform support matrix:

Report Server Platform Support

 

PostgresSQL 12.x was the latest version that was QA-validated by Broadcom for Symantec IGA JasperReports Server - 8.2.

However, TIBCO's Platform Support Guide indicates that 8.2 supports Postgres 12, 13 and 14:

TIBCO Report Server Platform Support

 

Powered by Wolken Software