Package "postgresql-16"
Name: | postgresql-16 |
Description: |
The World's Most Advanced Open Source Relational Database |
Latest version: | 16.4-0ubuntu0.24.04.1 |
Release: | noble (24.04) |
Level: | security |
Repository: | main |
Homepage: | http://www.postgresql.org/ |
Links
Download "postgresql-16"
Other versions of "postgresql-16" in Noble
Repository | Area | Version |
---|---|---|
base | universe | 16.2-1ubuntu4 |
base | main | 16.2-1ubuntu4 |
security | universe | 16.4-0ubuntu0.24.04.1 |
updates | main | 16.4-0ubuntu0.24.04.2 |
updates | universe | 16.4-0ubuntu0.24.04.2 |
PPA: Postgresql | 16.6-1.pgdg22.04+1 | |
PPA: Postgresql | 16.6-1.pgdg20.04+1 |
Packages in group
Deleted packages are displayed in grey.
- libecpg-compat3
- libecpg-dev
- libecpg6
- libpgtypes3
- libpq-dev
- libpq5
- postgresql-client-16
- postgresql-doc-16
- postgresql-plperl-16
- postgresql-plpython3-16
- postgresql-pltcl-16
Changelog
Version: 16.4-0ubuntu0.24.04.1 | 2024-08-19 17:07:12 UTC | ||||
---|---|---|---|---|---|
postgresql-16 (16.4-0ubuntu0.24.04.1) noble-security; urgency=medium * New upstream version (LP: #2076183). + A dump/restore is not required for those running 16.X. + However, if you are upgrading from a version earlier than 16.3, see
+ Prevent unauthorized code execution during pg_dump (Masahiko Sawada) An attacker able to create and drop non-temporary objects could inject
The PostgreSQL Project thanks Noah Misch for reporting this problem.
+ Details about these and many further changes can be found at:
* d/postgresql-16.NEWS: Update. -- Athos Ribeiro <email address hidden> Tue, 06 Aug 2024 15:13:57 -0300 |
|||||
Source diff to previous version | |||||
|
Version: 16.3-0ubuntu0.24.04.1 | 2024-05-30 14:07:16 UTC | ||||
---|---|---|---|---|---|
postgresql-16 (16.3-0ubuntu0.24.04.1) noble-security; urgency=medium * New upstream version (LP: #2067388). + A dump/restore is not required for those running 16.X. + However, a security vulnerability was found in the system views
+ Also, if you are upgrading from a version earlier than 16.2, see
+ Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries
These views failed to hide statistics for expressions that involve
The PostgreSQL Project thanks Lukas Fittl for reporting this
By itself, this fix will only fix the behavior in newly initdb'd
- In each database of the cluster, run the
\i /usr/share/postgresql/16/fix-CVE-2024-4317.sql It will not hurt to run the script more than once. - Do not forget to include the template0 and template1 databases,
ALTER DATABASE template0 WITH ALLOW_CONNECTIONS true; and then after fixing template0, undo it with: ALTER DATABASE template0 WITH ALLOW_CONNECTIONS false; (CVE-2024-4317) + Details about these and many further changes can be found at:
* d/postgresql-16.NEWS: Update. -- Sergio Durigan Junior <email address hidden> Wed, 29 May 2024 13:16:10 -0400 |
|||||
|