Security
Security
Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in execution of arbitrary code or privilege escalation.
| Package | dev-db/postgresql on all architectures |
|---|---|
| Affected versions | < 9.4.3 |
| Unaffected versions | revision >= 9.0.21 revision >= 9.1.17 revision >= 9.2.12 revision >= 9.3.8 >= 9.4.3 revision >= 9.0.22 revision >= 9.0.23 revision >= 9.0.24 revision >= 9.1.18 revision >= 9.1.19 revision >= 9.1.20 revision >= 9.2.13 revision >= 9.2.14 revision >= 9.2.15 revision >= 9.3.9 revision >= 9.3.10 revision >= 9.3.11 revision >= 9.3.12 revision >= 9.3.14 revision >= 9.3.15 |
PostgreSQL is an open source object-relational database management system.
Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details.
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition or escalate privileges.
There is no known workaround at this time.
All PostgreSQL 9.0.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.0.21"
All PostgreSQL 9.1.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.1.17"
All PostgreSQL 9.2.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.2.12"
All PostgreSQL 9.3.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.3.8"
All PostgreSQL 9.4.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.4.3"