Debian: Security Advisory (DLA-1784)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3343-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : postgresql, postgresql96, postgresql10 / postgresql12 (SUSE-SU-2020:3343-1)

This update changes the internal packaging for postgresql, and so contains all currently maintained postgresql versions across our SUSE Linux Enterprise 12 products. postgresql12 is shipped new in version 12.3 bsc1171924. The server and client packages only on SUSE Linux Enterprise Server 12 SP5,...

[SECURITY] [DLA 2105-1] postgresql-9.4 security update

Package : postgresql-9.4 Version : 9.4.26-0+deb8u1 CVE ID : CVE-2020-1720 Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks. For Debian 8 "Jessie", this problem has been fixed in version 9.4.26-0+deb8u1. We...

DLA-2105-1 postgresql-9.4 - security update

Bulletin has no description...

Debian: Security Advisory (DLA-1874-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA-1874-1] postgresql-9.4 security update

Package : postgresql-9.4 Version : 9.4.24-0+deb8u1 CVE ID : CVE-2019-10208 CVE-2019-10208: TYPE in pgtemp executes arbitrary SQL during SECURITY DEFINER execution Versions Affected: 9.4 - 11 Given a suitable SECURITY DEFINER function, an attacker can execute arbitrary SQL under the identity of th...

DLA-1874-1 postgresql-9.4 - security update

Bulletin has no description...

Debian DLA-1784-1 : postgresql-9.4 new minor release

The PostgreSQL project has release a new minor release of the 9.4 branch. For Debian 8 'Jessie', this has been uploaded as version 9.4.22-0+deb8u1. We recommend that you upgrade your postgresql-9.4 packages. Note that the end of life of the 9.4 branch is scheduled for February 2020. Please consid...

[SECURITY] [DLA 1784-1] postgresql-9.4 new minor release

Package : postgresql-9.4 Version : 9.4.22-0+deb8u1 The PostgreSQL project has release a new minor release of the 9.4 branch. For Debian 8 "Jessie", this has been uploaded as version 9.4.22-0+deb8u1. We recommend that you upgrade your postgresql-9.4 packages. Note that the end of life of the 9.4...

Debian DLA-1642-1 : postgresql-9.4 new minor release

The PostgreSQL project has release a new minor release of the 9.4 branch. For Debian 8 'Jessie', this has been uploaded as version 9.4.20-0+deb8u1. We recommend that you upgrade your postgresql-9.4 packages. NOTE: Tenable Network Security has extracted the preceding description block directly fro...

Debian DLA-1464-1 : postgresql-9.4 security update

An unprivileged user of dblink or postgresfdw could bypass the checks intended to prevent use of server-side credentials, such as a /.pgpass file owned by the operating-system user running the server. Servers allowing peer authentication on local connections are particularly vulnerable. Other...

Debian: Security Advisory (DLA-1464-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4027-1 : postgresql-9.4 - security update

A vulnerabilitiy has been found in the PostgreSQL database system: Denial of service and potential memory disclosure in the jsonpopulaterecordset and jsonbpopulaterecordset functions. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

DSA-4027-1 postgresql-9.4 - security update

Bulletin has no description...

CVE-2017-15098

Invalid jsonpopulaterecordset or jsonbpopulaterecordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory...

Debian DSA-3935-1 : postgresql-9.4 - security update

Several vulnerabilities have been found in the PostgreSQL database system : - CVE-2017-7546 In some authentication methods empty passwords were accepted. - CVE-2017-7547 User mappings could leak data to unprivileged users. - CVE-2017-7548 The loput function ignored ACLs. For more in-depth...

[SECURITY] [DSA 3935-1] postgresql-9.4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3935-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2017 https://www.debian.org/security/faq -...

DSA-3935-1 postgresql-9.4 - security update

Bulletin has no description...

Debian DSA-3851-1 : postgresql-9.4 - security update

Several vulnerabilities have been found in the PostgreSQL database system : - CVE-2017-7484 Robert Haas discovered that some selectivity estimators did not validate user privileges which could result in information disclosure. - CVE-2017-7485 Daniel Gustafsson discovered that the PGREQUIRESSL...