Unsubscribe Dne čt 3. 9. 2020 12:52 dop. uživatel Utkarsh Gupta <utka...@debian.org> napsal:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > - ----------------------------------------------------------------------- > Debian LTS Advisory DLA-2363-1 debian-lts@lists.debian.org > https://www.debian.org/lts/security/ Utkarsh Gupta > September 03, 2020 https://wiki.debian.org/LTS > - ----------------------------------------------------------------------- > > Package : asyncpg > Version : 0.8.4-1+deb9u1 > CVE ID : CVE-2020-17446 > > asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger > a crash or execute arbitrary code (on a database client) via a crafted > server response, because of access to an uninitialized pointer in the > array data decoder. > > For Debian 9 stretch, this problem has been fixed in version > 0.8.4-1+deb9u1. > > We recommend that you upgrade your asyncpg packages. > > For the detailed security status of asyncpg please refer to > its security tracker page at: > https://security-tracker.debian.org/tracker/asyncpg > > Further information about Debian LTS security advisories, how to apply > these updates to your system and frequently asked questions can be > found at: https://wiki.debian.org/LTS > -----BEGIN PGP SIGNATURE----- > > iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl9QIhUACgkQgj6WdgbD > S5bMDA/+KA6gEfzI1ATMVcgOVkON76LgS3ZF2oowfsezuXdIm9vHzPLQpADfJxtp > cCDuGXCzNU8cFrQbwq83l4J7ZFFffxF3TWRG3/HA3V5EQD6RYq+EHl84QuR1hHwO > om57n/KZqbcTigmhngdod8knKQEn8ePtuWzQ+98N2DTFzSQKpqWAuZhRKSP084WS > EYvqwWubTLu6X4Z0Ysg6Q6rYdfIbyIm8wFUCb/yOPRBpoTllWiBFxfahbkxsCZRS > 0caq/1Mtr7jeUDVNT5otAKcfeV8BvlJLnp/Cxq4QAGCyJC/VfObu1gV7tjq/GW+u > kmaF8Zq2Fzg1zm5C1owspzgBDMkG47yOy1KPEi+CYbIcQkIDicZEtjT+nv8L/j4j > ZjGQHYBnIeJTH3e9UXqX77unJbVpQ2gWWzPv5t5hL4TMedlNFq9XWZRYsKwsGY0z > 1z66fUgh9YKgau4ccF9ni3Iouc4iup77oPodhupHRE6MOxDQnu8Sw1kNjYZPfFIC > 36zoUyXEHbWdo/g8R1rvDj8imjnl3a7kZYb3Z4fieRWmtRSKfduNrADtcs2sJjMM > zV7BFXQMbDzfSUdo//l/A4AbTNpPB62zFpnvJuZTnGTJT2tIftQnWn0LMT/F6MM+ > qZ2g2Cw6bJIGoPLiXY6JPs4fXMnlX311oya166uZXnGBUyfgj80= > =kkMn > -----END PGP SIGNATURE----- > >
