Release Info

Advisory: CLSA-2024:1707822783

OS: Ubuntu 18.04 ELS

Public date: 2024-02-13 06:13:05

Project: postgresql-10

Version: 10.23-0ubuntu0.18.04.2+tuxcare.els3

Errata link: https://errata.cloudlinux.com/ubuntu18-els/CLSA-2024-1707822783.html

Changelog

* SECURITY UPDATE: Memory disclosure in aggregate function calls - debian/patches/CVE-2023-5868.patch: Compute aggregate argument types correctly in transformAggregateCall(). - CVE-2023-5868 * SECURITY UPDATE: Role "pg_signal_backend" can signal certain superuser processes - debian/patches/CVE-2023-5870.patch: Ban role pg_signal_backend from more superuser backend. - CVE-2023-5870 -- Vladimir D. Seleznev <vseleznev@cloudlinux.com> Thu, 25 Jan 2024 21:31:25 +0200

Update

Update command: apt-get update apt-get --only-upgrade install postgresql-10*

Packages list

libecpg-compat3_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb libecpg-dev_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb libecpg6_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb libpgtypes3_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb libpq-dev_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb libpq5_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb postgresql-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb postgresql-client-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb postgresql-doc-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_all.deb postgresql-plperl-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb postgresql-plpython-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb postgresql-plpython3-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb postgresql-pltcl-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb postgresql-server-dev-10_10.23-0ubuntu0.18.04.2+tuxcare.els3_amd64.deb

CVEs

CVE-2023-5868
CVE-2023-5870