Release Info

Advisory: CLSA-2024:1707420507

OS: Ubuntu 16.04 ELS

Public date: 2024-02-08 14:28:29

Project: postgresql-9.5

Version: 9.5.25-0ubuntu0.16.04.1+tuxcare.els6

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2024-1707420507.html

Changelog

* SECURITY UPDATE: A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification.
  - debian/patches/CVE-2023-5869.patch: Detect integer overflow while computing new array dimensions.
  - CVE-2023-5869

Update

Update command:

    apt-get update
    apt-get --only-upgrade install postgresql-9.5*

Packages list

libecpg-compat3_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
libecpg-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
libecpg6_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
libpgtypes3_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
libpq-dev_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
libpq5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
postgresql-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
postgresql-client-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
postgresql-contrib-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
postgresql-doc-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_all.deb
postgresql-plperl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
postgresql-plpython-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
postgresql-plpython3-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
postgresql-pltcl-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb
postgresql-server-dev-9.5_9.5.25-0ubuntu0.16.04.1+tuxcare.els6_amd64.deb

CVEs

CVE-2023-5869