Ubuntu 18.04 LTS USN-6538-2: PostgreSQL Moderate Security Update
Jan 17, 2024
•
LinuxSecurity Advisories
1 - 2 min read
Topics Covered
Several security issues were fixed in PostgreSQL.
========================================================================== Ubuntu Security Notice USN-6538-2 January 17, 2024 postgresql-10 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in PostgreSQL. Software Description: - postgresql-10: Object-relational SQL database Details: USN-6538-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 18.04 LTS. Original advisory details: Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-5868) Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. (CVE-2023-5869) Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations. (CVE-2023-5870) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro): postgresql-10 10.23-0ubuntu0.18.04.2+esm1 postgresql-client-10 10.23-0ubuntu0.18.04.2+esm1 After a standard system update you need to restart PostgreSQL to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6538-2 https://ubuntu.com/security/notices/USN-6538-1 CVE-2023-5868, CVE-2023-5869, CVE-2023-5870
PREVIOUS
NEXT
Ubuntu 18.04 LTS USN-6538-2: PostgreSQL Moderate Security Update
ubuntu
January 17, 2024
Several security issues were fixed in PostgreSQL.
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS (Available with Ubuntu Pro) Summary: Several security issues were fixed in PostgreSQL. Software Description: - postgresql-10: Object-relational SQL database Details: USN-6538-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 18.04 LTS. Original advisory details: Jingzhou Fu discovered that PostgreSQL incorrectly handled certain unknown arguments in aggregate function calls. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-5868) Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. (CVE-2023-5869) Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role...
Read the Full Advisory
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro): postgresql-10 10.23-0ubuntu0.18.04.2+esm1 postgresql-client-10 10.23-0ubuntu0.18.04.2+esm1 After a standard system update you need to restart PostgreSQL to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-6538-2
https://ubuntu.com/security/notices/USN-6538-1
CVE-2023-5868, CVE-2023-5869, CVE-2023-5870
Ubuntu Security Notice USN-6538-2
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!