Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Ubuntu 16.04 ESM USN-5765-1 Critical: PostgreSQL SQL Issue

Calendar Dec 07, 2022 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical Ubuntu SQL injection PostgreSQL network access
PostgreSQL could allow unintended access to network services. 
=========================================================================Ubuntu Security Notice USN-5765-1
December 07, 2022

postgresql-9.5 vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

PostgreSQL could allow unintended access to network services.

Software Description:
- postgresql-9.5: Object-relational SQL database

Details:

Jacob Champion discovered that PostgreSQL incorrectly handled SSL
certificate verification and encryption. A remote attacker could possibly
use this issue to inject arbitrary SQL queries when a connection is first
established.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  postgresql-9.5                  9.5.25-0ubuntu0.16.04.1+esm3

After a standard system update you need to restart PostgreSQL to make all the
necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5765-1
  CVE-2021-23222

Ubuntu 16.04 ESM USN-5765-1 Critical: PostgreSQL SQL Issue

ubuntu
Calendar Grey December 7, 2022
Dist Ubuntu Esm H88
Critical alert for Ubuntu 16.04 regarding PostgreSQL 9.5; potential unauthorized access vulnerability identified. Immediate update required!
PostgreSQL could allow unintended access to network services.

Summary

Topics%20covered

Topics Covered

security advisory critical Ubuntu SQL injection PostgreSQL network access

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: postgresql-9.5 9.5.25-0ubuntu0.16.04.1+esm3 After a standard system update you need to restart PostgreSQL to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5765-1

CVE-2021-23222

Severity
critical
Lowest
Low
Medium
High
Critical

December 07, 2022

Topics%20covered

Topics Covered

security advisory critical Ubuntu SQL injection PostgreSQL network access

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here