it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5812-1] postgresql-15 security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5812-1] postgresql-15 security update
Date: Fri, 15 Nov 2024 21:43:37 +0000
Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/ZzfAiaX+nThzubj2 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=KdZQPdoeF96ZiK1/Z2B56li60haM5RtguSmjytTu00Q=; b=t9 a3UduOGORZwEw7jUYMav69NOIgMh4W57FG5tPzPvVXhOrZGstMqIhQIDTjUE+2MWqxNjWKUf7TqyZ XvbILJXzlrr/RddhLzjDHsT4qh/5nIoNq1+5CQKwDhlCt8Ax2k5G4d9FmGWo1EmoUAz+/2u/hjSaj WqD4iyHUOGt0hfKyEPjQkYYZnxgc3V/dMoiCcI1eMImYZos3EbM5RrBNwLDtcKTKhAvQB8Qa5PPa7 t4fiddDgcDSfGIW6VpVnbmkgWgccR9fbIR5eeNPpbiQX250E2jUFT9wt/yqABMiF4eYMV1YMBZuLC o8PbTPZK4866KlaqkgdevbX5PlL/6Z+A==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Fri, 15 Nov 2024 21:44:01 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <R5Q5MqOIxSK.A.N2UI.hC8NnB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5812-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
November 15, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : postgresql-15
CVE ID : CVE-2024-10976 CVE-2024-10977 CVE-2024-10978 CVE-2024-10979

Multiple security issues were discovered in PostgreSQL, which may result in
the execution of arbitrary code, privilege escalation or log manipulation.

For the stable distribution (bookworm), these problems have been fixed in
version 15.9-0+deb12u1.

We recommend that you upgrade your postgresql-15 packages.

For the detailed security status of postgresql-15 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-15

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmc3hfUACgkQEMKTtsN8
TjalVxAAmmEGwof8hC+HRIlI65sI/pwgMrmmJSWjAYMYMJbED7cSFbk66SMBa/GI
d+yXBJY8WFwLrkJAqjsn8iFDdILEjoY7uMTsbaf4aKZUgLEPLH8wSjRVGlg63q4S
Rc4pK7eNwPI1T3IqEfhmnJQFLh/WC34iPpuokL+52FpfajRXZ3yxA3ZSuE5cqBVp
/JRvtq6NNaVz5uLSdCDrSHm+eV+TC16XZSPJVYCT8Rt21D93xn7HS3bidWuqhTbB
LRJCD4FOJ9gSGGAG+BME5h33NpqyZboE43ikLAfWmGKhL50ymSnZ5waPUW990RmX
a4D+HKgVynumjaZHohUnT5L+6Baw1UnqaaevkZa7wo8iaanmf2odYGYP1pJavCJp
rKQ5yCLCErFL5IACTcC7tergpffZlrZXt8owt9h/ahW+BglBfB2PglxTYhDrIRl9
A4d0lG0DfltPAFyOMB3VgrKd6w9myIK6W6KDrN4B/dnu7bDf8XCxfdDe7KsFaScz
7ZXz7tYkC5/k2KOxLo43i1yaQRXLhei1OuklcaEZy2oD/RU1C1by5GQCIvfvKg9D
0eGipGy6rh12wIq66Ef0neUHbuja6/zR304nU/1XPAV+2qPWGRN5SsScf1lbkXD2
CcpgR7n5S3mU1fN9Ufd42koI/oQ0Q5gCKvVm2VUzQZrjnWfj5H4=
=ab7S
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5812-1] postgresql-15 security update, Moritz Muehlenhoff, 15.11.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.