-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3072-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 11, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : postgresql-11 Version : 11.17-0+deb10u1 CVE ID : CVE-2022-2625 Sven Klemm found that some extensions in the PostgreSQL database system could replace objects not belonging to the extension. An attacker could leverage this to run arbitrary commands as another user. For Debian 10 buster, this problem has been fixed in version 11.17-0+deb10u1. We recommend that you upgrade your postgresql-11 packages. For the detailed security status of postgresql-11 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/postgresql-11 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmL1J+YACgkQnUbEiOQ2 gwISWhAAx80oc3oM+0pqv4zm/kaQpmYDGBoc9Xzvn9uw6QVruQdLB+kgXucg7zRV 11s95Eqpmn0rBUHmBZjqhi2+UI1+VuCrmJ+QVFyqtjSs/oPDZZMqxDB7nLOickTZ lgeSlg3wpTAmqZHcjEk3aRcb7rmCQ2tKwW8aisJ68o92RMED6ijw0jd6Y0cdvzga d9HeMg+RBdIc+IBW1WEcHirMAuLMjF9++3wcPAsugyyBvdXZF4BDWXP5Uvg/RpzB umY6qtFfaMLKJ4B9MnwIUDVjIm9LCI8O6wQjwFg0mPdyhgEfNxDi/yCfL7qZQrIL vSC988SRYkWlehY3hLKQJVFM7mYpA3vbadL1DU96eZXt8mI6pqi20iil/YNMh1T6 5k6DwdPX1TqYJcBlJMJpF3kHutTEYaGu2xRdnIGYZoUzEe4JiCQY22BONKC64X2p tfsZMpCDN2tscf68ky5pGulJOphrNq18xDA9SwvAllUcQJU+uq74YX4s/9EUGyw0 WOnGJ/J5tAYE71ZB1kKKWsi9DmFox86GRQq4bIA0R1xib8XZuzVT8t0tm5FM/fBS cd5OUa276LPcnN+WNV4pXHxaCrTBqwvwerir41At4/Uci5QoqvhDsziBI+YCPK+G ATgQX9VqM/3kDrSX/+v/Tz2kK+W9alMOP7I1gupk+NuGeqyQDcg= =ROiT -----END PGP SIGNATURE-----
