[SECURITY] [DLA 3644-1] phppgadmin security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3644-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
November 03, 2023 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : phppgadmin
Version : 5.1+ds-4+deb10u1
CVE ID : CVE-2023-40619
Debian Bug : 1053004
It was discovered there was a potential remote code execution
vulnerability in phppgadmin, a web-based administration tool for the
PostgreSQL database server. This issue concerned the deserialisation
of untrusted data which may have led to remote code execution because
user-controlled data was being passed directly to the PHP
'unserialize()' function.
For Debian 10 buster, this problem has been fixed in version
5.1+ds-4+deb10u1.
We recommend that you upgrade your phppgadmin packages.
For the detailed security status of phppgadmin please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/phppgadmin
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmVErT8ACgkQHpU+J9Qx
HlhuyQ//QBTZc7HQZhlJWbVu6d0qxNY2CgX3kZo0wkO/txWWNWMRHaZy/HbTQgPI
7/up4G7tnb1i0pXYHkxy6dYydp46RlW0qSw9uCSzN3PTL6BJdUbM8l6kh/I+sDCw
Mp3L1s50IuHUxAMvdllOricNamyxrbuwqptowcqe8SNP05iBKYrLir25CucHNahb
kSNwkJtStZzYoaCaRX4+cMraqvLiTYHiv9NymbNDKw7iReBrGcq0RAK1lW95y07S
ECn3eJYHwgkvjxCNA8qQj3fct0w16neHr+DiO7GKRxExqk66vSLC5qWhPp7e4noy
OfWUlcwpDK4YfebrlPjUL9zrTYIpESqUhgUV57VqO2lG7sNPAJLgBYo98QDTVx1y
vYQMxwHZvYmVZ8nOruCgrhcc2+ibB32DMBbN9i9YNV5G+qeUBtWcdszZeRiYRZ9O
7t+MjyCBqwZOv8rbkZziqvftik3taZiFbt/jUsbzRzRxfx8RDBGcG9hdEqNYAIwi
250S0NYRmflQSD5RLGxaBP02c7VQOZBtTKf6HwqH8LmldKiZiaVZHUlorUZ0PwKa
3/sIbBG1lA0p15Zfb/bhh7hzQ11oejk/zsQ6KPposmmOsHMhyJmk/u0J1lTDH6TN
KDOAHxR89eC2eRCSqgrIYok8v6fO2kY4/EiquW1eDgv+VmOWCwg=
=cih6
-----END PGP SIGNATURE-----
Reply to: