Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Fedora 40: 2024-4d4ceb61f7 Moderate: pgAdmin Multi-Factor Bypass and XSS

fedora
Calendar Grey May 23, 2024
Dist Fedora Esm H88
The latest pgAdmin 4.8.6 update addresses critical security flaws, such as multi-factor authentication bypass and XSS vulnerabilities for Fedora 40 users
Update to pgadmin4-8.6

Summary

pgAdmin is the most popular and feature rich Open Source administration and development

platform for PostgreSQL, the most advanced Open Source database in the world.

Update Information:

Update to pgadmin4-8.6

Change Log

* Fri May 3 2024 Sandro Mani - 8.6-1 - Update to 8.6 * Sat Apr 13 2024 Benjamin A. Beasley - 8.5-2 - Adjust typer dependency for typer 0.12.1

References


[ 1 ] Bug #2278856 - CVE-2024-4215 pgadmin4: multi-factor authentication bypass [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2278856 [ 2 ] Bug #2278857 - CVE-2024-4216 pgadmin4: XSS in /settings/store API response json payload [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2278857

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-4d4ceb61f7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: pgadmin4
Product: Fedora 40
Version: 8.6
Release: 1.fc40
Summary: Administration tool for PostgreSQL

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here