First published: Mon Oct 14 2024(Updated: )
USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16. This update provides the corresponding updates for PostgreSQL-9.3 in Ubuntu 14.04 LTS and PostgreSQL-10 in Ubuntu 18.04 LTS. Original advisory details: Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/postgresql-10 | <10.23-0ubuntu0.18.04.2+esm2 | 10.23-0ubuntu0.18.04.2+esm2 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/postgresql-client-10 | <10.23-0ubuntu0.18.04.2+esm2 | 10.23-0ubuntu0.18.04.2+esm2 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/postgresql-9.3 | <9.3.24-0ubuntu0.14.04+esm1 | 9.3.24-0ubuntu0.14.04+esm1 |
Ubuntu Ubuntu | =14.04 | |
All of | ||
ubuntu/postgresql-client-9.3 | <9.3.24-0ubuntu0.14.04+esm1 | 9.3.24-0ubuntu0.14.04+esm1 |
Ubuntu Ubuntu | =14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.