Debian: DSA-5136-1: postgresql-13 security update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5136-1                   [email protected]
https://www.debian.org/security/                       Moritz Muehlenhoff
May 12, 2022                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : postgresql-13
CVE ID         : CVE-2022-1552

Alexander Lakhin discovered that the autovacuum feature and multiple
commands could escape the "security-restricted operation" sandbox.

For additional information please refer to the upstream announcement
at https://www.postgresql.org/support/security/CVE-2022-1552/

For the stable distribution (bullseye), this problem has been fixed in
version 13.7-0+deb11u1.

We recommend that you upgrade your postgresql-13 packages.

For the detailed security status of postgresql-13 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-13

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Debian: DSA-5136-1: postgresql-13 security update

May 12, 2022
Alexander Lakhin discovered that the autovacuum feature and multiple commands could escape the "security-restricted operation" sandbox

Summary

Alexander Lakhin discovered that the autovacuum feature and multiple
commands could escape the "security-restricted operation" sandbox.

For additional information please refer to the upstream announcement
at https://www.postgresql.org/support/security/CVE-2022-1552/

For the stable distribution (bullseye), this problem has been fixed in
version 13.7-0+deb11u1.

We recommend that you upgrade your postgresql-13 packages.

For the detailed security status of postgresql-13 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-13

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Severity
Package : postgresql-13
CVE ID : CVE-2022-1552

Related News

NordVPN Makes its Meshnet Private Tunnel Free for Everyone

Microsoft Makes Azure Kubernetes Service Secure To Run Multi-Tenant Workloads

Linux 6.0 Adding Run-Time Verification For Running On Safety Critical Systems

Microsoft Azure FabricScape Bug Let Hackers Hijack Linux Clusters

News

Advisories

HOWTOs

Features

Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation
Best Practices for PHP Security
Why Cloud Linux Is Beneficial for E-Commerce Stores

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy