PostgreSQL: SQL injection — GLSA 201811-24

A SQL injection in PostgreSQL may allow attackers to execute arbitrary SQL statements.

Affected packages

dev-db/postgresql on all architectures
Affected versions < 9.3.25
< 9.4.20
< 9.5.15
< 9.6.11
< 10.6
< 11.1
Unaffected versions >= 9.3.25
>= 9.4.20
>= 9.5.15
>= 9.6.11
>= 10.6
>= 11.1

Background

PostgreSQL is an open source object-relational database management system.

Description

A vulnerability was discovered in PostgreSQL’s pg_upgrade and pg_dump.

Impact

An attacker, by enticing a user to process a specially crafted trigger definition, can execute arbitrary SQL statements with superuser privileges.

Workaround

There is no known workaround at this time.

Resolution

All PostgreSQL 9.3.x users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.3.25"
 

All PostgreSQL 9.4.x users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.4.20"
 

All PostgreSQL 9.5.x users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.5.15"
 

All PostgreSQL 9.6.x users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.6.11"
 

All PostgreSQL 10.x users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/postgresql-10.6"
 

All PostgreSQL 11.x users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-db/postgresql-11.1"
 

References

Release date
November 30, 2018

Latest revision
December 03, 2018: 2

Severity
normal

Exploitable
remote

Bugzilla entries