[CLSA-2023:1696537563] Fix CVE(s): CVE-2023-39417
Type:
security
Severity:
Important
Release date:
2023-10-05 20:26:07 UTC
Description:
* SECURITY UPDATE: SQL injection when @extowner@, @extschema@, or @extschema:...@ appeared inside a quoting construct (dollar quoting, '', or "") - debian/patches/CVE-2023-39417: reject substituting extension schemas or owners matching ["$'\]. - CVE-2023-39417 -- Pavel Kopylov Fri, 15 Sep 2023 10:55:03 +0300
Updated packages:
  • libecpg-compat3_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:dfcd43c7e4a2c5d25263397a1732b4f06b91c49a
  • libecpg-dev_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:d31cc9c4182a40379c09cae6c6f223ddc79725ea
  • libecpg6_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:e6a9d63230eccbc5f806c0cc6086ff42fd818031
  • libpgtypes3_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:48264a897e034c9a1adfe73cedfd34562ef68c5f
  • libpq-dev_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:f2317d786246ef0fabad18e6d740e355832122c5
  • libpq5_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:f7dbed40781673e6a751a54dff1350ab8bd219cc
  • postgresql-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:406b60c982d47b710150c64180a5f991472521c9
  • postgresql-client-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:7894119be32d2a80d723138dc09f3343dc186716
  • postgresql-doc-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_all.deb
    sha:608b8d1b6b136497a8f7964df14f8483fa8801f3
  • postgresql-plperl-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:62d1edc89120e65b1d506ee8335a75ac7c02120f
  • postgresql-plpython-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:296b5288da0cc1b0348b3a415ba419a42bc6599d
  • postgresql-plpython3-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:823eeeac31e8d89e7f3a02db75952df47c36d052
  • postgresql-pltcl-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:c36fcba48ac346d2f7a31233788f90893d318c77
  • postgresql-server-dev-10_10.23-0ubuntu0.18.04.2+tuxcare.els1_amd64.deb
    sha:d40fb3a35c03b23926505cc96fb19b93744ce237
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.