Bugs fixes in "postgresql-17"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2026-6637 | Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user runni | 2026-05-22 |
| CVE | CVE-2026-6475 | Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgr | 2026-05-22 |
| CVE | CVE-2026-6477 | Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functi | 2026-05-22 |
| CVE | CVE-2026-6478 | Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to | 2026-05-22 |
| CVE | CVE-2026-6472 | Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, inc | 2026-05-22 |
| CVE | CVE-2026-6474 | Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone | 2026-05-22 |
| CVE | CVE-2026-6638 | SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL | 2026-05-22 |
| CVE | CVE-2026-6476 | SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The a | 2026-05-22 |
| CVE | CVE-2026-6473 | Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and wri | 2026-05-22 |
| CVE | CVE-2026-6479 | Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained d | 2026-05-22 |
| Launchpad | 2152636 | New PostgreSQL upstream microreleases 14.23, 16.14, 17.10, and 18.4 | 2026-05-22 |
| CVE | CVE-2026-6637 | Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user runni | 2026-05-21 |
| CVE | CVE-2026-6475 | Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgr | 2026-05-21 |
| CVE | CVE-2026-6477 | Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functi | 2026-05-21 |
| CVE | CVE-2026-6478 | Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to | 2026-05-21 |
| CVE | CVE-2026-6472 | Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, inc | 2026-05-21 |
| CVE | CVE-2026-6474 | Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone | 2026-05-21 |
| CVE | CVE-2026-6638 | SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL | 2026-05-21 |
| CVE | CVE-2026-6476 | SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The a | 2026-05-21 |
| CVE | CVE-2026-6473 | Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and wri | 2026-05-21 |
About
-
Send Feedback to @ubuntu_updates
