Ho ntlafatsa PostgreSQL 11.3, 10.8, 9.6.13, 9.5.17 le 9.4.22

Thehile lintlafatso bakeng sa makala ohle a tšehetsoeng a PostgreSQL: 11.3, 10.8, 9.6.13, 9.5.17 и 9.4.22, e nang le karolo ea litokiso tsa liphoso. Phatlalatso ea lintlafatso bakeng sa lekala 9.4 e tla tšoarella ho fihlela ka Tšitoe 2019, 9.5 ho fihlela Pherekhong 2021, 9.6 ho fihlela Loetse 2021, 10 ho fihlela Mphalane 2022, 11 ho fihlela Pulungoana 2023.

Liphetolelo tse ncha li lokisa litšitšili tse fetang 60 le ho felisa bofokoli ba bane:

• Likotsi tse peli (CVE-2019-10127, CVE-2019-10128) li tobile sethaleng sa Windows 'me li hlaha ho li-installers tse tsoang ho EnterpriseDB le BigSQL, tse sa kang tsa beha litokelo tse nepahetseng tsa ho fihlella bukeng ea data, e ileng ea lumella mosebedisi ofe kapa ofe ea se nang tokelo ea Windows hore a qale. ts'ebetso ea khoutu maemong a ts'ebeletso ea PostgreSQL.
• Kotsi ea CVE-2019-10129 e hlaha ho PostgreSQL 11 mme e lumella mosebelisi ho bala libaka tsa memori tse sa reroang tsa ts'ebetso ea seva ka ho romella kopo e entsoeng ka mokhoa o ikhethileng oa INSERT tafoleng e arotsoeng.
• Vulnerability CVE-2019-10130 e u lumella ho bala boleng ba lirekoto tseo phihlello e lekanyelitsoeng ho tsona.

Litšitšili tse tsitsitseng li kenyelletsa bobolu ba li-directory ha u etsa "ALTER TABLE" tafoleng e arohaneng, ho senyeha ha seva ha phoso e etsahala ha u leka ho boloka sekheo pakeng tsa transaction, mathata a ts'ebetso ha u khutlisetsa morao lik'hamphani tse kenyelletsang litafole tse ngata, ho hloka tšehetso bakeng sa "CREATE TAFOLE HAESE" Polelo e teng .. JOALOKA KETSAHALO ..", ho lutla mohopolong.

Source: opennet.ru