—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————

Debian Security Advisory DSA-4623-1 security (at) debian (dot) org [email concealed]
https://www.debian.org/security/ Moritz Muehlenhoff
February 13, 2020 https://www.debian.org/security/faq
– ————————————————————————

Package : postgresql-11
CVE ID : CVE-2020-1720

Tom Lane discovered that “ALTER … DEPENDS ON EXTENSION” sub commands
in the PostgreSQL database did not perform authorisation checks.

For the stable distribution (buster), this problem has been fixed in
version 11.7-0+deb10u1.

We recommend that you upgrade your postgresql-11 packages.

For the detailed security status of postgresql-11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed]
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl5Fv1gACgkQEMKTtsN8
TjYjgxAAidb6SKoJIdo91ZPKnbLJ4oa/ltled1BhtoT8pPyRqsa1wTvL//AvN/ca
URC2EJj+h5SaYL3Ap506QkyqUDxF4MJ+uioAGVTYE1vutTQO39PRwCdoyfiRH/N+
Q6KZ2+X3MbhplK9U7N0j4DZTqiSOYhaAKUzlUdQNPOfirl3IczKmXAGg6tArJt64
wjsjagIpmOGX17s8956unhYeLo3dg/rUfor/NEf/RcEK2SUeRhS131zofguV/KNA
LMHEtYn1xnB96EbjFRMAlOjo8yKBsIdopfzdAsHCyjteaEMKw22hYvBB+rEJH441
rhSM+zD57UyZAWUzcesPXKwtVMTsmWIr4PKnVBX9oxsPDqud4/HTQrqmIh6gzXtH
ELbtxRXjdFs4JpoFKQ1i3YsdPldoq+Iuymh0JCJvzIrDg8sVj0w9yvS8mTZiAEul
83A2XJDBOOkn24miUXWfivVB3AC8p9L2W3SjOPLQv0EmROdq//3aMN5sNuZk2dM9
bGm8SqIW2hFaT6TQ3kkW9iTlNJ/jEKvTqcGic0iuhwRIubNA09+gztHvr9F6N5hb
75g1WgnMsYwYQRktyRZ6oqv5ze/IIqTTkcKjQQRNddIaxLQC/5FE9zQMhkHFaOS+
stBp4Ed1NmG/SFdh8EXKY+eer3SkrP9R/SMClJsW4tBIBB0wG/U=
=eIi6
—–END PGP SIGNATURE—–

[ reply ]



Source link

Write a comment:
*

Your email address will not be published.