2 matches found
MGASA-2021-0121 Updated postgresql packages fix security vulnerabilities
A user having an UPDATE privilege on a partitioned table but lacking the SELECT privilege on some column may be able to acquire denied-column values from an error message CVE-2021-3393. A user having a SELECT privilege on an individual column can craft a special query that returns all columns of...
Debian DSA-4622-1 : postgresql-9.6 - security update
Tom Lane discovered that 'ALTER ... DEPENDS ON EXTENSION' sub commands in the PostgreSQL database did not perform authorisation checks. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4622. The text itself is...