postgresql-libs

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	Libraries for use with PostgreSQL
Version	16.2-2 [extra-testing] 16.2-1 [extra]

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-2547	13.4-6	13.5-1	Low	Fixed
AVG-1019	11.4-1	11.5-1	Medium	Fixed
AVG-280	9.6.2-1	9.6.3-1	High	Fixed

Issue	Group	Severity	Remote	Type	Description
CVE-2021-23222	AVG-2547	Low	Yes	Man-in-the-middle	A security issue has been found in PostgreSQL versions 9.6 up to 14. A man-in-the-middle attacker can inject false responses to the client's first few...
CVE-2019-10209	AVG-1019	Low	Yes	Information disclosure	An issue has been found in PostgreSQL >= 11.0 and < 11.5. In a database containing hypothetical, user-defined hash equality operators, an attacker could...
CVE-2019-10208	AVG-1019	Medium	Yes	Access restriction bypass	A security issue has been found in PostgreSQL < 11.5 where given a suitable SECURITY DEFINER function, an attacker can execute arbitrary SQL under the...
CVE-2017-7485	AVG-280	High	Yes	Man-in-the-middle	A security issue has been found in the libpq component of PostgreSQL < 9.6.3, where the PGREQUIRESSL was no longer enforcing a SSL/TLS connection to a...

Advisories

Date	Advisory	Group	Severity	Type
10 Aug 2019	ASA-201908-7	AVG-1019	Medium	multiple issues
30 May 2017	ASA-201705-24	AVG-280	High	man-in-the-middle