ALT Linux Team

Package postgresql11 update in p9 on 2019-06-22

ALT-PU-2019-2127-1

Package postgresql11 updated to version 11.4-alt1 for branch p9 in task 232772.

Closed vulnerabilities

Published: 2019-06-20

BDU:2019-02385

Множественные уязвимости системы управления базами данных PostgreSQL, вызванные переполнением буфера на стеке, позволяющие нарушителю выполнить произвольный код

Severity: HIGH (7.5) Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2019-06-26
Modified: 2024-11-21

CVE-2019-10164

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top