[CLSA-2025:1747431041] Fix CVE(s): CVE-2024-10976, CVE-2024-10977
Type:
security
Severity:
Moderate
Release date:
2025-05-16 21:30:46 UTC
Description:
* SECURITY UPDATE: incomplete tracking of row security allows unauthorized access to data - debian/patches/CVE-2024-10976.patch: Ensure cached plans to be correctly marked as dependent on role to fix the issue of neglected marking which could lead to incorrect row visibility. - CVE-2024-10976 * SECURITY UPDATE: server error message leakage - debian/patches/CVE-2024-10977.patch: Discard error messages received during SSL and GSS negotiation to prevent arbitrary bytes written to the client's terminal - CVE-2024-10977
Updated packages:
  • libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:1e37fd9948ba3efde7a29126a162932744e545eb
  • libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:ec3064c65a20f080da4593eba7c6b70ec602596b
  • libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:d5080ba5900b6349c2c8f0713ab8d0c8afb063b6
  • libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:74f1549978f83ef27e9fbda8c9c906691f1d6140
  • libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:0412179d4ab41542dfac05bf9b92407ff18c5bd1
  • libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:ab5eefc26e4f27308d504920e49151213b37c86e
  • postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:edc7cc29f84c66158ad71ba85a3d2afec34cc82b
  • postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:da0534de4fb13910100a708a5f7a60f26c883fec
  • postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:81869eda117a784b3beadee3430cd969da65c6d2
  • postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_all.deb
    sha:9bc1d74d516a5b2a542754cf549e59a857ca312a
  • postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:b58320534de02274593c7eda0fbb710abc01da01
  • postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:fe60410b1e9780002102bf08f59167ed3e3a385a
  • postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:825eff16dcc745f9bed2d35d041c46c71d87280f
  • postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:39ed1425e7fd6aa57162467c4795145d27ac6216
  • postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els10_amd64.deb
    sha:dab472c1d1556f42e44f9d275d399f8fbe9a912b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.