Bugs fixes in "postgresql-14"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2024-10977 | Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to | 2024-12-02 |
| CVE | CVE-2024-10976 | Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2 | 2024-12-02 |
| Launchpad | 2085196 | New PostgreSQL upstream microreleases 12.22, 14.15 and 16.6 | 2024-12-02 |
| CVE | CVE-2024-10979 | Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variabl | 2024-12-02 |
| CVE | CVE-2024-10978 | Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An atta | 2024-12-02 |
| CVE | CVE-2024-10977 | Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to | 2024-12-02 |
| CVE | CVE-2024-10976 | Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2 | 2024-12-02 |
| Launchpad | 2085196 | New PostgreSQL upstream microreleases 12.22, 14.15 and 16.6 | 2024-12-02 |
| CVE | CVE-2024-7348 | Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user ru | 2024-08-19 |
| Launchpad | 2076183 | New upstream microreleases 12.20, 14.13, and 16.4 | 2024-08-19 |
| CVE | CVE-2024-7348 | Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user ru | 2024-08-19 |
| Launchpad | 2076183 | New upstream microreleases 12.20, 14.13, and 16.4 | 2024-08-19 |
| CVE | CVE-2024-7348 | Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user ru | 2024-08-19 |
| Launchpad | 2076183 | New upstream microreleases 12.20, 14.13, and 16.4 | 2024-08-19 |
| CVE | CVE-2024-7348 | Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user ru | 2024-08-19 |
| Launchpad | 2076183 | New upstream microreleases 12.20, 14.13, and 16.4 | 2024-08-19 |
| CVE | CVE-2024-4317 | Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common value | 2024-05-30 |
| Launchpad | 2067388 | New upstream microreleases 12.19, 14.12, 15.7 and 16.3 | 2024-05-30 |
| CVE | CVE-2024-4317 | Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common value | 2024-05-30 |
| Launchpad | 2067388 | New upstream microreleases 12.19, 14.12, 15.7 and 16.3 | 2024-05-30 |
About
-
Send Feedback to @ubuntu_updates
