Univention Bugzilla – Bug 57572
postgresql-11: Multiple issues (5.0)
Last modified: 2024-09-16 08:10:55 CEST
New Debian postgresql-11 11.22-0+deb10u3 fixes: This update addresses the following issue: 11.22-0+deb10u3 (Fri, 30 Aug 2024 15:53:22 -0400) * Non-maintainer upload by the ELTS Team. * Fix race condition in pg_dump in PostgreSQL that allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. (CVE-2024-7348)
--- mirror/ftp/pool/main/p/postgresql-11/postgresql-11_11.22-0+deb10u2.dsc +++ apt/ucs_5.0-0-errata5.0-8/source/postgresql-11_11.22-0+deb10u3.dsc @@ -1,3 +1,10 @@ +11.22-0+deb10u3 [Fri, 30 Aug 2024 15:53:22 -0400] Roberto C. Sánchez <roberto@debian.org>: + + * Non-maintainer upload by the ELTS Team. + * Fix race condition in pg_dump in PostgreSQL that allows an object creator + to execute arbitrary SQL functions as the user running pg_dump, which is + often a superuser. (CVE-2024-7348) + 11.22-0+deb10u2 [Mon, 18 Mar 2024 14:39:21 +0200] Adrian Bunk <bunk@debian.org>: * Non-maintainer upload by the LTS Team. <http://piuparts.knut.univention.de/5.0-8/#2372011237703469780>
OK: bug OK: yaml OK: announce_errata OK: patch ~OK: piuparts [5.0-8] c66ab55840 Bug #57572: Advisory wording doc/errata/staging/postgresql-11.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) [5.0-8] 1806409f64 Bug #57572: postgresql-11 11.22-0+deb10u3 doc/errata/staging/postgresql-11.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+)