Advisories » MGASA-2024-0043

Updated postgresql15 and postgresql13 packages fix a security vulnerability

Publication date: 19 Feb 2024
Modification date: 19 Feb 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-0985

Description

The updated packages fix a security vulnerability:
PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes
arbitrary SQL. (CVE-2024-0985)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=32823
• https://www.postgresql.org/about/news/postgresql-162-156-1411-1314-and-1218-released-2807/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0985

SRPMS

9/core

• postgresql15-15.6-1.mga9
• postgresql13-13.14-1.mga9