Advisories ยป MGASA-2023-0324

Updated postgresql packages fix security vulnerabilities

Publication date: 22 Nov 2023
Modification date: 22 Nov 2023
Type: security
Affected Mageia releases : 8 , 9
CVE: CVE-2023-5868 , CVE-2023-5869 , CVE-2023-5870

Description

The updated packages fix security vulnerabilities:

Memory disclosure in aggregate function calls. (CVE-2023-5868)

Buffer overrun from integer overflow in array modification.
(CVE-2023-5869)

Role pg_signal_backend can signal certain superuser processes.
(CVE-2023-5870)

References

SRPMS

8/core

9/core