mmelite mmezi maka ngalaba PostgreSQL niile akwadoro: , , , и , nke nwere akụkụ nke ndozi ahụhụ. Mwepụta mmelite maka alaka 9.4 ruo Disemba 2019, 9.5 ruo Jenụwarị 2021, 9.6 ruo Septemba 2021, 10 ruo Ọktoba 2022, 11 ruo Nọvemba 2023.
Ụdị ọhụrụ a na-edozi ihe karịrị ahụhụ 60 ma wepụ adịghị ike anọ:
- Nsogbu abụọ (CVE-2019-10127, CVE-2019-10128) bụ nke akọwapụtara n'elu ikpo okwu. Windows ma pụta na ndị nrụnye sitere na EnterpriseDB na BigSQL, nke na-edobeghi ikike ịnweta faịlụ ahụ nke ọma, nke nyere onye ọrụ ọ bụla na-enweghị ikike ohere. Windows malite imezu koodu na ọkwa ọrụ PostgreSQL.
- Ọdịmma CVE-2019-10129 pụtara na PostgreSQL 11 ma na-enye onye ọrụ ohere ịgụ mpaghara ebe nchekwa aka ike nke usoro ihe nkesa site na izipu arịrịọ INSERT emebere nke ọma na tebụl kewara ekewa.
- Ihe ọghọm CVE-2019-10130 na-enye gị ohere ịgụ ụkpụrụ ndekọ nke amachibidoro ohere.
Akwụsịghị chinchi gụnyere nrụrụ aka ndekọ mgbe ị na-eme “ALTER TABLE” na tebụl kewara ekewa, ihe nkesa nkesa mgbe njehie na-eme mgbe ị na-anwa ịchekwa cursor n'etiti azụmahịa na-eme, nsogbu arụ ọrụ mgbe ị na-atụgharị azụmahịa metụtara ọnụ ọgụgụ buru ibu nke tebụl, enweghị nkwado maka "Mepụta tebụl ma ọ bụrụ na ọ bụghị" okwu dị .. KA EXECUTE ..", ebe nchekwa na-agbapụta.
isi: opennet.ru
