Обсуждение: pgjdbc 42.2.5 released to address potential security issue

A potential security issue ([CVE-2018-10936](https://access.redhat.com/security/cve/CVE-2018-10936)) has been addressed. It was theoretically possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver.

During the process of investigating this a number of changes have been made.

`ssl=true` now means `verify-full`. This is a diversion from libpq which defaults to no validation or verification. With `ssl=true` or `verify-full` the driver will verify the ssl certificate and validate that the host is the host named in the certificate.

The driver now also supports allow and prefer, see [https://jdbc.postgresql.org/documentation/head/ssl-client.html](ssl-client) for details.

Regards,