CVE-2022-21724 JDBC driver update for EDB*Plus

Jamie Watt
Jamie Watt

A CVE was recently reported against a vulnerability found in the PostgreSQL JDBC driver, CVE-2022-21724. This article is intended to instruct users how to address the risk in EDB*Plus.

Upgrade of EDB JDBC driver in EDB*Plus

The EDB JDBC driver needs to be upgraded to the latest version 42.3.2.1 in EDB*Plus. This update fixes the CVE-2022-21724 vulnerability reported in older versions of EDB JDBC driver. Please follow the below instructions to update the JDBC driver.

Update source-specific drivers

Before invoking EDB*Plus, install or update EDB JDBC driver. Please visit the EDB Connectors section of the Downloads page at the EDB website. The link is provided in the section below.

After downloading the EDB JDBC driver, move or replace the driver file in the <edbplus_install_dir>/lib directory. Please make sure that there is only one version of the JDBC driver in the <edbplus_install_dir>/lib directory.

EDB JDBC driver

The EDB JDBC driver is available on the EDB Download page:

https://www.enterprisedb.com/software-downloads-postgres#edb-connectors

Select the JDBC 42.3.2.1 option and click on the appropriate link, depending on the required platform, to either access the repo for a Linux version of the driver or download the installer for installing the JDBC driver on Windows.

Example: EDB JDBC driver installation steps on Linux

  1. On the EDB repos page, select the desired platform (CentOS 7 - x86_64 shown in example).
  2. From EDB JDBC Connector select 42.x.x.
  3. Follow the instructions to install the EDB JDBC driver on the right pane.

After installing the updated driver on the desired Linux platform, EDB*Plus will use the new version.

Example: EDB JDBC driver installation steps on Windows

  1. From the Interactive Installers select the desired platform (Windows x86-64 shown in example).
  2. After the login the download should start automatically.
  3. Execute the downloaded installer file named edb-jdbc-42.3.2.1-1-windows-x64.exe. It will upgrade the existing edb-jdbc installation.
  4. The default path for installation is C:\Program Files\edb\jdbc on a 64-bit machine.
  5. Copy (replace) the edb-jdbc18 from the JDBC driver installation path to the <edbplus_install_dir>\lib.

Was this article helpful?

0 out of 0 found this helpful