drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in PostgreSQL
Name: |
Mehrere Probleme in PostgreSQL |
|
ID: |
DSA-3936-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian stretch |
|
Datum: |
Fr, 11. August 2017, 00:14 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7548 |
|
Applikationen: |
PostgreSQL |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3936-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2017 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : postgresql-9.6 CVE ID : CVE-2017-7546 CVE-2017-7547 CVE-2017-7548
Several vulnerabilities have been found in the PostgreSQL database system:
CVE-2017-7546
In some authentication methods empty passwords were accepted.
CVE-2017-7547
User mappings could leak data to unprivileged users.
CVE-2017-7548
The lo_put() function ignored ACLs.
For more in-depth descriptions of the security vulnerabilities, please see https://www.postgresql.org/about/news/1772/
For the stable distribution (stretch), these problems have been fixed in version 9.6.4-0+deb9u1.
We recommend that you upgrade your postgresql-9.6 packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlmMyu8ACgkQEMKTtsN8 TjY4TA//ZeCZDdLmLZE09WcDTwpsvcb6ZEdEj3jekMswPP6WHkZlnpVSX711Cyv0 veck/xojcIdGl6oki2/OM7ErJ3L7eteGLqswzWmsOk7lWSya5/EJCIV+DXGOhqnI ESSADLI+hLwoFqxGjYwbLfpyo7Mxpwfw42fRVVC++T2+7cG4BBsLJh++sOL/tIiD OEhVgK5NK+4r7E8ZpCcLW4BZBMPt6V31Pr0sXSa8gQ7D7LbNvI+v/L5cgZTL8Ewf WWf9NyWDgY06s+BvNxtNXwoeT9WTwigV3IFuwe5pmoRlwNdqGxIZBdUBd9tXDY1Y T6BrpHa0dyZVhNFL8TM8o8kOzZjpg5hiDzXDfeyGpOqEy6psdNll4kO66/XN0yoF LpQ60uMlmNso99vAuyY9S6/DoMRKVQifJT7epA8y0lF4T/YG0YN6nCeYwSsFQGOU gAhTgQIxxYnmu9pBDS7eFVijxBs7GfakGMF/VZ4VQ+1R3DGFncbyCVdJqiVUw9Db t7vym8cfUjaox9LuedGhXBdBxoy2cBdwvJ8BlAbHhmQ7O+mVrDbp1nqBN1bQaZo8 mWdaLdNM2PxVW5RGGYjSLdE7VgtCDEacTxiea1S4Q/ZvnoPV7qwvwo9a5RoaB+v3 5hd9SDcBvhrTNHDr8tRhr+yHMVjQZ8tvfMlR8WmLK7xM2Pnsdpo= =mzAD -----END PGP SIGNATURE-----
|
|
|
|