Headline
Debian Security Advisory 5746-1
Debian Linux Security Advisory 5746-1 - Noah Misch discovered a race condition in the pg_dump tool included in PostgreSQL, which may result in privilege escalation.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5746-1 [email protected]://www.debian.org/security/ Moritz MuehlenhoffAugust 09, 2024 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : postgresql-13CVE ID : CVE-2024-7348Noah Misch discovered a race condition in the pg_dump tool included inPostgreSQL, which may result in privilege escalation.For the oldstable distribution (bullseye), this problem has been fixedin version 13.16-0+deb11u1.We recommend that you upgrade your postgresql-13 packages.For the detailed security status of postgresql-13 please refer toits security tracker page at:https://security-tracker.debian.org/tracker/postgresql-13Further information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAma11EEACgkQEMKTtsN8TjZxwg//bEVYrijo3AoQCcZMdHcgEPvJPYNUvCAsoX9NBiLzSPs0A8zW6OVmo3uCX+vY/YziF6z7CFU0BkFMDUGnbDnmAuMT2ZY7K2kqyUas3EwEsf3WScPDtRbo5V5ScXWUz+uuuAzibJWSZUr/MqjCojb5KwWoVKF5cw6e9glQNMgi0txLi+7xWK0Hkhye39Dm/RE9Brd6tyvSx5mm/sAuPv3H6ZktnIrWOrdZlglsiPURjUsY7ThYBrjbc/lLR3zNEYxHEvFf3MaXbud98wPou8tLl5qMSIZDYuc+IvYVCgCVUeiDUuPng5i23f4da0BoDRvzKk/7+20g3Z7pZm3kJJk+TYifELXEM2SFkLv/2rD4YVuqhMOkmsqYQXgLgvJ+XxkSzgnNBB7cML1F4+hq9zGtHyJgNiiaOfFFoL583WbHl7oRLAg+y0SCnXlCewft4KrIBhEe1zOJIuGQ/WL611/5dGy5tqkvivIoVbvcYZxmoVE5kllZEFjSsmfADfbn+HtA0lOHDwfyuBnvWOqzDgTd2BCdGIaF2+/FtUpqJDmjH6TnujtqDh6MmsbOaF/qw9XuI3jzORNjrLdFoJwya9N79vTYTgCFJEWl3oGygVkTG2RRhsqY6kNgQ6pykcfcw+m0uZFoT6SRNBllFhyrRTdvcm6GB5yXwVJKwERgRVlJWCM=wYjH-----END PGP SIGNATURE-----
Related news
Ubuntu Security Notice 6968-3 - USN-6968-1 fixedCVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16. This update provides the corresponding updates for PostgreSQL-9.3 in Ubuntu 14.04 LTS and PostgreSQL-10 in Ubuntu 18.04 LTS. Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser.
Ubuntu Security Notice 6968-2 - USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS. Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser.
Red Hat Security Advisory 2024-6559-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Security Advisory 2024-6558-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Security Advisory 2024-6557-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.
Red Hat Security Advisory 2024-6020-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-6018-03 - An update for the postgresql:13 module is now available for ed Hat Enterprise Linux 8.
Red Hat Security Advisory 2024-6001-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.
Red Hat Security Advisory 2024-6000-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.10.
Red Hat Security Advisory 2024-5999-03 - An update for the postgresql is now available for Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-5929-03 - An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 9.
Ubuntu Security Notice 6968-1 - Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser.
Debian Linux Security Advisory 5745-1 - Noah Misch discovered a race condition in the pg_dump tool included in PostgreSQL, which may result in privilege escalation.