Headline
Debian Security Advisory 5553-1
Debian Linux Security Advisory 5553-1 - Several vulnerabilities have been discovered in the PostgreSQL database system.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Debian Security Advisory DSA-5553-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
November 13, 2023 https://www.debian.org/security/faq
Package : postgresql-15
CVE ID : CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 CVE-2023-39417
CVE-2023-39418
Several vulnerabilities have been discovered in the PostgreSQL
database system.
CVE-2023-5868
Jingzhou Fu discovered a memory disclosure flaw in aggregate
function calls.
CVE-2023-5869
Pedro Gallegos reported integer overflow flaws resulting in buffer
overflows in the array modification functions.
CVE-2023-5870
Hemanth Sandrana and Mahendrakar Srinivasarao reported that the
pg_cancel_backend role can signal certain superuser processes,
potentially resulting in denial of service.
CVE-2023-39417
Micah Gate, Valerie Woolard, Tim Carey-Smith, and Christoph Berg
reported that an extension script using @substitutions@ within
quoting may allow to perform an SQL injection for an attacker having
database-level CREATE privileges.
CVE-2023-39418
Dean Rasheed reported that the MERGE command to enforce UPDATE or
SELECT row security policies.
For the stable distribution (bookworm), these problems have been fixed
in version 15.5-0+deb12u1.
We recommend that you upgrade your postgresql-15 packages.
For the detailed security status of postgresql-15 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-15
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmVSkZ9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TEeA//aemORcM7eOsmMwuyYGoAjpV3o2f6Ji58KN/JunoHAU7TytATJbH1ImSt
llsXmd4gOnBCrI2HbpFwHTlgP38Ie3XGYh9Ubtb2sfbOWDgOc+OGF9GdgJ2zc50k
c/iLHIH4MmhPqC8r2aDSHM74iM0W4iXGp6d4APRIUWcTVP9GXCpVucF1WA0Oy+Pw
wLbqP4yp+w+eyjkZZ7sZ8vx5Q5Yk8YBjaXkoOwlR8+3yp7rzLzM8VHYn8hSQ6JLz
RJ6/gKizEHNLU1N6fq6UTHNINRq/C5fbwobW5Of8hPr/N+DpzpXI70PXj5DBFC9k
MNpAsc9DlQN0RFKVIKYWBiotOV6LHKnUZlHNRzNTS+nyUmdQmc7BO0tkSm8ChNF2
+YPj3LIlZwhgqSn/iI7BA62U5kp3UeF1EoRA1Mfxn7JK2xKo7cq2opluu3dndLIK
XsLjUcTOGMq6pNosz9lsJNAvqU7a5cSKCEBGHFdxZct1RHkbPNFcZUmsFhAcxpwx
klHYq1Pl54g1sNZS4KWmTW1TlGKj9d0teC9W8kQ+sGbF3HB5O+RsC+1zAvySMLJ/
u7U793pwaIc/B8KKSsDTqUe9wLLkNsRT/BDxCfhs7qj/cRP0++dwLDYGHtSzqThg
B/X8uUrJHsHWJ2IhK+jCpIufOaRSqoozsIqo7FNGbDZlt0ml/h0=
=CPWu
-----END PGP SIGNATURE-----
Related news
Red Hat Security Advisory 2024-0332-03 - Updated images are now available for Red Hat Advanced Cluster Security 4.1.6. The updated images includes security fixes.
Ubuntu Security Notice 6538-2 - USN-6538-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 18.04 LTS. Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations.
Ubuntu Security Notice 6570-1 - Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations.
Red Hat Security Advisory 2023-7885-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7884-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7883-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7790-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2023-7789-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2023-7788-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include an integer overflow vulnerability.
Red Hat Security Advisory 2023-7785-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7784-03 - An update for postgresql is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7714-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
Ubuntu Security Notice 6538-1 - Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations.
Red Hat Security Advisory 2023-7695-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7694-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7667-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7656-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Red Hat Security Advisory 2023-7616-01 - An update for postgresql is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7581-01 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7580-01 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7579-01 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7545-01 - An update for postgresql is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Debian Linux Security Advisory 5554-1 - Several vulnerabilities have been discovered in the PostgreSQL database system.
Debian Linux Security Advisory 5554-1 - Several vulnerabilities have been discovered in the PostgreSQL database system.
Debian Linux Security Advisory 5554-1 - Several vulnerabilities have been discovered in the PostgreSQL database system.
Debian Linux Security Advisory 5554-1 - Several vulnerabilities have been discovered in the PostgreSQL database system.
Ubuntu Security Notice 6366-1 - It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser.
Ubuntu Security Notice 6296-1 - It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser. It was discovered that PostgreSQL incorrectly handled the MERGE command. A remote attacker could possibly use this issue to bypass certain UPDATE and SELECT policies. This issue only affected Ubuntu 23.04.
Ubuntu Security Notice 6296-1 - It was discovered that PostgreSQL incorrectly handled certain extension script substitutions. An attacker having database-level CREATE privileges can use this issue to execute arbitrary code as the bootstrap superuser. It was discovered that PostgreSQL incorrectly handled the MERGE command. A remote attacker could possibly use this issue to bypass certain UPDATE and SELECT policies. This issue only affected Ubuntu 23.04.
IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.