openbsd/ports
1
0
Fork 0
mirror of https://github.com/openbsd/ports.git synced 2026-06-17 23:13:55 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
ports/databases/postgresql/distinfo
T
jeremy af78d2007e Update to PostgreSQL 18.4 
Fixes:

* CVE-2026-6472: PostgreSQL CREATE TYPE does not check multirange schema
  CREATE privilege
* CVE-2026-6473: PostgreSQL server undersizes allocations, via integer
  wraparound
* CVE-2026-6474: PostgreSQL timeofday() can disclose portions of server
  memory
* CVE-2026-6475: PostgreSQL pg_basebackup and pg_rewind can overwrite
  unrelated files of origin superuser choice
* CVE-2026-6476: PostgreSQL pg_createsubscriber allows SQL injection via
  subscription name
* CVE-2026-6477: PostgreSQL libpq lo_* functions let server superuser
  overwrite client stack
* CVE-2026-6478: PostgreSQL discloses MD5-hashed passwords via covert
  timing channel
* CVE-2026-6479: PostgreSQL SSL/GSS init causes denial of service, via
  uncontrolled recursion
* CVE-2026-6575: PostgreSQL pg_restore_attribute_stats accepts values
  that cause query planning to read past end of stats array
* CVE-2026-6637: PostgreSQL refint allows stack buffer overflow and SQL
  injection
* CVE-2026-6638: PostgreSQL REFRESH PUBLICATION allows SQL injection via
  table name

From Mark Patruck
2026-05-25 00:36:13 +00:00

3 lines
120 B
Plaintext
Raw Permalink Blame History

SHA256 (postgresql-18.4.tar.gz) = RQqo8toGxG+CIZFugq4GsE+xBA+PAGQ9v4t9ZjyqwLk=
SIZE (postgresql-18.4.tar.gz) = 29477735
Reference in New Issue View Git Blame Copy Permalink