========================================================================== Ubuntu Security Notice USN-7315-2 April 30, 2025
postgresql-10 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: PostgreSQL could be made to execute arbitrary code if it received specially crafted input. Software Description: - postgresql-10: Object-relational SQL database Details: USN-7315-1 fixed a vulnerability in PostgreSQL. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Stephen Fewer discovered that PostgreSQL incorrectly handled quoting syntax in certain scenarios. A remote attacker could possibly use this issue to perform SQL injection attacks. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS postgresql-10 10.23-0ubuntu0.18.04.2+esm3 Available with Ubuntu Pro postgresql-client-10 10.23-0ubuntu0.18.04.2+esm3 Available with Ubuntu Pro After a standard system update you need to restart PostgreSQL to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7315-2 https://ubuntu.com/security/notices/USN-7315-1 CVE-2025-1094
OpenPGP_signature.asc
Description: OpenPGP digital signature
