mmelite mmezi maka ngalaba PostgreSQL niile akwadoro: , , , и , nke nwere akụkụ nke ndozi ahụhụ. Mwepụta mmelite maka alaka 9.4 ruo Disemba 2019, 9.5 ruo Jenụwarị 2021, 9.6 ruo Septemba 2021, 10 ruo Ọktoba 2022, 11 ruo Nọvemba 2023.
Ụdị ọhụrụ a na-edozi ihe karịrị ahụhụ 60 ma wepụ adịghị ike anọ:
- Ọdịmma abụọ (CVE-2019-10127, CVE-2019-10128) bụ kpọmkwem maka ikpo okwu Windows wee pụta na installers sitere na EnterpriseDB na BigSQL, nke na-edobeghi ikike ịnweta ohere kwesịrị ekwesị na ndekọ data, nke kwere ka onye ọrụ Windows ọ bụla na-enweghị ohere ịmalite. koodu ogbugbu na ọkwa ọrụ PostgreSQL.
- Ọdịmma CVE-2019-10129 pụtara na PostgreSQL 11 ma na-enye onye ọrụ ohere ịgụ mpaghara ebe nchekwa aka ike nke usoro ihe nkesa site na izipu arịrịọ INSERT emebere nke ọma na tebụl kewara ekewa.
- Ihe ọghọm CVE-2019-10130 na-enye gị ohere ịgụ ụkpụrụ ndekọ nke amachibidoro ohere.
Akwụsịghị chinchi gụnyere nrụrụ aka ndekọ mgbe ị na-eme “ALTER TABLE” na tebụl kewara ekewa, ihe nkesa nkesa mgbe njehie na-eme mgbe ị na-anwa ịchekwa cursor n'etiti azụmahịa na-eme, nsogbu arụ ọrụ mgbe ị na-atụgharị azụmahịa metụtara ọnụ ọgụgụ buru ibu nke tebụl, enweghị nkwado maka "Mepụta tebụl ma ọ bụrụ na ọ bụghị" okwu dị .. KA EXECUTE ..", ebe nchekwa na-agbapụta.
isi: opennet.ru