-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6385-1                   [email protected]
https://www.debian.org/security/                       Moritz Muehlenhoff
July 08, 2026                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pgextwlist
CVE ID         : CVE-2023-39417

Guillaume Winter discovered that pgextwlist, an extension for PostgreSQL
implementing a whitelist mechanism for PostgreSQL extensions, was
susceptible to SQL injection via crafted schema and user names.

For the stable distribution (trixie), this problem has been fixed in
version 1.19-1+deb13u1.

We recommend that you upgrade your pgextwlist packages.

For the detailed security status of pgextwlist please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pgextwlist

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmpOwBsACgkQEMKTtsN8
TjbxQw/+ItKwKR7JmC9HMM2xX4dsLHIyU/vCv2cIoX/q9vZl5Dmc1lkGJ8kWLxaw
Wmwpz8naS1sjaPQ2dw+LVQBXLlVLgt9QFBMWPmRVr4OCdk/qOkO5OEntWlULKW+v
y/49X6cCvVS68D1h78EASZexcCXBiStKNn8MM5lNzyTtDYWCFCdJo6B4gjkqvBAh
nTTsVNRWe6d6BMo79ybGolOK0Bg2pmU7omdeWdHeHMvVHkxGFCHpLD+j2kMk3b3A
vW+wNQ0nC9llDz4fRTi9Y+Btl9ZB8+PA+yeZOrVe9q+jQNAwGP+2tfmaLhzIRqN2
ETXxuuUczB2fI82MD76+TYKrrMEefN7Crg/4Ba+TsFd9qjtmTIbeIWLpgbdGqHZM
R/Cy9bPdf/kU7D32cy+4gBlG9coRb40Qr1BOWUCP+cafrZo6GbQtWn4bIFFU5fpB
aZPIcp3MqZ+GH+rvbt9mVfBwXdbgw/4IuYo6ghzPm7xye/e1e/ICsIlj0feSFbcM
hb+aHJZoxUhVLK+3T8v+yhIAeGtrui3KAPsXLUzq46zGDR+mS+0BcPn5E4ngNGLR
hVLLvhiJP43JO5M9H87f/tGHlfMBWR7LPiGU980L8Fk1UQKEdDumYo36h+0UhAK6
tcWVEsLPTTSGEaaapDmM9sGqvoywLGgZNq3BUM/UjRHwii3nGMw=
=xlH3
-----END PGP SIGNATURE-----

Reply via email to