[SECURITY] [DSA 5745-1] postgresql-15 security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5745-1] postgresql-15 security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Fri, 9 Aug 2024 08:39:36 +0000
Message-id: <ZrXVyFkZS/6slwey@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5745-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 09, 2024                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : postgresql-15
CVE ID         : CVE-2024-7348

Noah Misch discovered a race condition in the pg_dump tool included in
PostgreSQL, which may result in privilege escalation.

For the stable distribution (bookworm), this problem has been fixed in
version 15.8-0+deb12u1.

We recommend that you upgrade your postgresql-15 packages.

For the detailed security status of postgresql-15 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postgresql-15

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAma11EAACgkQEMKTtsN8
TjaqZRAAtSdRKaKkHTz14XjjqH3d4lBvZpkZB5p5phqeR2KM2+ZpA++YalAcrnRi
AmhHEb0uoCV4R8zQxGw23zpjWKyR3uvW2RMyK1S62eOvZ7u+ia7iffNhmHzzQWdV
YcjCbJSMw2gpNo71houCZ5064Z86AFLpzd/HY0rlTnlF73gpXGndOnN8nRNagimL
Q0N3kY5yt7HNDKnOkZtsZkHoyQ52eCobXuXTJ3b/QgbzAMR6tWdp7P6Vlf1d0H0J
A3npdCYDh4cY+TyGVXYiR1KjU7qtYDLf5cWbUC1ie8iE811Y0nNSP22zd/0zH2WV
JDbMFxsej1WE1fSLa/ksr+22KHwjpQwz76hcHEUZbrBdP/2qAs6CV203mpqZD0Gr
YI6wASQbXQEPgzVLFhnHYISnNTv/ggX+w/shcB6qp1y1gs4FEYIf9D3btKZutiND
kSBh4v43GBI0j7nOMd/Je2Dvg4JzFZ5k57SaMYfS7Qkic3/h2h2VYXK0KiaNoGQs
nrCGAW6GU+Owccr02UYgBYPedK9ZU9ZXIgUfrRG0087vxm0hfrpmQd4+yb3Yc60u
RCV1YD/NEeQTD538T/UjdBXhnHIPdFK6hHasbuRbB7+ZwSAEV9aaY04kif27ANz7
9aVAGdFoVYNS9o0bkCWJ0+IH3J6iLTBj7Oe3hv6cXunj/X8rGyM=
=nOfc
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5744-1] thunderbird security update
Next by Date: [SECURITY] [DSA 5746-1] postgresql-13 security update
Previous by thread: [SECURITY] [DSA 5744-1] thunderbird security update
Next by thread: [SECURITY] [DSA 5746-1] postgresql-13 security update
Index(es):
- Date
- Thread