-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5974-1 [email protected] https://www.debian.org/security/ Aron Xu August 13, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : pgpool2 CVE ID : CVE-2024-45624 CVE-2025-46801 Debian Bug : 1081659 1106119 Two security issues were found in pgpool-II, the connection pool server and replication proxy for PostgreSQL, which could result in authentication bypass and exposure of sensitive information. For the oldstable distribution (bookworm), these problems have been fixed in version 4.3.5-1+deb12u1. We recommend that you upgrade your pgpool2 packages. For the detailed security status of pgpool2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pgpool2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEBLHAyuu1xqoC2aJ5NP8o68vMTMgFAmicO2wACgkQNP8o68vM TMhhMgf8CZhlYWlBuphd0x7T9dfLnx1lleKWmzWAwiJtzxEpHBFv8jiUjPgxupaF MPZhl/F2kiDNkQ5024ZRP6readDxobSk9lSEjzC5PbJN+HujqLDHyCqB/zWDieom QCHPoEdfBbj3tB71zLbnNDOb4tv8PeaJ77XrGzwYSJCAIEVAQdnHWYKGR/RWynWY c5whZZfF+ZDOYhJfVAwwL1a3TSmzL0y2HQeHBCqUa4goBEuFwt+Ru2+VgQmoT7yL RFARjgQeARgpFg3OEgs/hs9dfiP1rLqgvrZGQYhU0RwlDAwu8aR2iJHYE7Yk5Iv6 9gGYMKqtqDHYZ/bw13N+P1TQuGaPvQ== =XbNC -----END PGP SIGNATURE-----
