[CLSA-2024:1711492417] Fix CVE(s): CVE-2024-0985
Type:
security
Severity:
Important
Release date:
2024-03-26 22:33:39 UTC
Description:
* SECURITY UPDATE: Execution of arbitrary SQL functions as the command issuer because of late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY - debian/patches/CVE-2024-0985.patch: run REFRESH MATERIALIZED VIEW CONCURRENTLY in right security context - CVE-2024-0985
Updated packages:
  • libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:3fca4b733bf3415a8e2104fa4bdeddbcbde1718f
  • libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:957e67b164ec14593ad887f2990603bb57562802
  • libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:254d5de01f566098b2fe3c4522d4563f0358830a
  • libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:7d0f5eeac7e277d1a1db3997198bbbcafea8a4a6
  • libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:d2a3a31fa53986d3ec1fd859ab3e09c1185e605b
  • libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:e7e3ea194f96cac4d1524b9776bbc5e7d16272d3
  • postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:7d809b0bc8d47d9e63dfbc8aab865ac5e9bc0fea
  • postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:1e40dd49ff8949ec612e34fe868c722b81ce2917
  • postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:5636bd5bfe008176638e3bbed06ce348d7c759d7
  • postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_all.deb
    sha:53438584dbd8ed7dd7d035933835b02ab0e8f08d
  • postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:3bc710528d68eab2aef6508c6fd97daece7bb251
  • postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:8a9063a48c015db848110856ac0265f5d03fa5c5
  • postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:3819e0d504d00ed82272741f46a64b710c31a73f
  • postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:3f48b1f975e5df695ffde5822d4f0bb7de09727c
  • postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els7_amd64.deb
    sha:6721217034600e5a8b85dab0a66116dcccb95f3a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.