Site icon 지락문화예술공작단

USN-4027-1: PostgreSQL vulnerability

USN-4027-1: PostgreSQL vulnerability

postgresql-10, postgresql-11 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

Summary

PostgreSQL could be made to crash or run programs if it received specially
crafted network traffic.

Software Description

Details

Alexander Lakhin discovered that PostgreSQL incorrectly handled
authentication. An authenticated attacker or a rogue server could use this
issue to cause PostgreSQL to crash, resulting in a denial of service, or
possibly execute arbitrary code. The default compiler options for affected
releases should reduce the vulnerability to a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
postgresql-1111.4-0ubuntu0.19.04.1
Ubuntu 18.10
postgresql-1010.9-0ubuntu0.18.10.1
Ubuntu 18.04 LTS
postgresql-1010.9-0ubuntu0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart PostgreSQL to
make all the necessary changes.

References

Source: USN-4027-1: PostgreSQL vulnerability

Exit mobile version