Lucene search

DebianDEBIAN:DLA-2662-1:8110C

HistoryMay 15, 2021 - 6:35 a.m.

[SECURITY] [DLA 2662-1] postgresql-9.6 security update

2021-05-1506:35:07

lists.debian.org

118

debian lts

postgresql

security update

cve-2021-32027

cve-2021-32028

arbitrary code

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.007

Percentile

80.4%

JSON

Debian LTS Advisory DLA-2662-1 [email protected]
https://www.debian.org/lts/security/ Utkarsh Gupta
May 15, 2021 https://wiki.debian.org/LTS

Package : postgresql-9.6
Version : 9.6.22-0+deb9u1
CVE ID : CVE-2021-32027 CVE-2021-32028

Multiple security issues have been discovered in the PostgreSQL
database system, which could result in the execution of arbitrary
code or disclosure of memory content.

For Debian 9 stretch, these problems have been fixed in version
9.6.22-0+deb9u1.

We recommend that you upgrade your postgresql-9.6 packages.

For the detailed security status of postgresql-9.6 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-9.6

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian10ppc64elpostgresql-plperl-11< 11.12-0+deb10u1postgresql-plperl-11_11.12-0+deb10u1_ppc64el.deb
Debian10s390xpostgresql-server-dev-11-dbgsym< 11.12-0+deb10u1postgresql-server-dev-11-dbgsym_11.12-0+deb10u1_s390x.deb
Debian10armhfpostgresql-11-dbgsym< 11.12-0+deb10u1postgresql-11-dbgsym_11.12-0+deb10u1_armhf.deb
Debian9amd64postgresql-plperl-9.6< 9.6.22-0+deb9u1postgresql-plperl-9.6_9.6.22-0+deb9u1_amd64.deb
Debian10ppc64elpostgresql-pltcl-11< 11.12-0+deb10u1postgresql-pltcl-11_11.12-0+deb10u1_ppc64el.deb
Debian10mipspostgresql-plpython3-11-dbgsym< 11.12-0+deb10u1postgresql-plpython3-11-dbgsym_11.12-0+deb10u1_mips.deb
Debian10mips64elpostgresql-pltcl-11-dbgsym< 11.12-0+deb10u1postgresql-pltcl-11-dbgsym_11.12-0+deb10u1_mips64el.deb
Debian9arm64postgresql-9.6< 9.6.22-0+deb9u1postgresql-9.6_9.6.22-0+deb9u1_arm64.deb
Debian10mipslibecpg6-dbgsym< 11.12-0+deb10u1libecpg6-dbgsym_11.12-0+deb10u1_mips.deb
Debian10armhflibecpg-compat3-dbgsym< 11.12-0+deb10u1libecpg-compat3-dbgsym_11.12-0+deb10u1_armhf.deb

OS	Version	Architecture	Package	Version	Filename
Debian	10	ppc64el	postgresql-plperl-11	< 11.12-0+deb10u1	postgresql-plperl-11_11.12-0+deb10u1_ppc64el.deb
Debian	10	s390x	postgresql-server-dev-11-dbgsym	< 11.12-0+deb10u1	postgresql-server-dev-11-dbgsym_11.12-0+deb10u1_s390x.deb
Debian	10	armhf	postgresql-11-dbgsym	< 11.12-0+deb10u1	postgresql-11-dbgsym_11.12-0+deb10u1_armhf.deb
Debian	9	amd64	postgresql-plperl-9.6	< 9.6.22-0+deb9u1	postgresql-plperl-9.6_9.6.22-0+deb9u1_amd64.deb
Debian	10	ppc64el	postgresql-pltcl-11	< 11.12-0+deb10u1	postgresql-pltcl-11_11.12-0+deb10u1_ppc64el.deb
Debian	10	mips	postgresql-plpython3-11-dbgsym	< 11.12-0+deb10u1	postgresql-plpython3-11-dbgsym_11.12-0+deb10u1_mips.deb
Debian	10	mips64el	postgresql-pltcl-11-dbgsym	< 11.12-0+deb10u1	postgresql-pltcl-11-dbgsym_11.12-0+deb10u1_mips64el.deb
Debian	9	arm64	postgresql-9.6	< 9.6.22-0+deb9u1	postgresql-9.6_9.6.22-0+deb9u1_arm64.deb
Debian	10	mips	libecpg6-dbgsym	< 11.12-0+deb10u1	libecpg6-dbgsym_11.12-0+deb10u1_mips.deb
Debian	10	armhf	libecpg-compat3-dbgsym	< 11.12-0+deb10u1	libecpg-compat3-dbgsym_11.12-0+deb10u1_armhf.deb