-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4439-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 09, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : postgresql-9.6 CVE ID : CVE-2019-10130 Dean Rasheed discovered that row security policies in the PostgreSQL database system could be bypassed. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1939/ For the stable distribution (stretch), this problem has been fixed in version 9.6.13-0+deb9u1. We recommend that you upgrade your postgresql-9.6 packages. For the detailed security status of postgresql-9.6 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/postgresql-9.6 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlzUiokACgkQEMKTtsN8 TjYP3Q/+PCy4ofzFVZMywhMetM9uG9/K556iCqouzi/Qo+OMee71OMfPz70ovzYj YSCsNCY6jcscg22vNJ8c46aDIB2BgSxK5AfW30HpBNlANQZj1WGVhD5oMRH21kqM HMEqNJjlnAAmXv0yzgdvpNm+wppjGp1bIbVNeCgEYrSivEIUWkIB6ULDH+ZiQX42 Rzg0s5Y0+O2VI9uA+1Pf5pJF0PNEYJV0+2YtOAWQTgD/q1xFOsmIRoBC4BZ5Mpb7 z62Rr8S7XWf6rGTZH6oqDtXu70+K6+IpUDqnz4fuK2uLK1xz7wCIEGib+94t2OIn /ZV/vIOUsPzWEdnVjfZ323hkNNJYQ3gILzy9sP7q8vpRoEzn68T2LaOAK215vQkr /ex7yRb7dESNvyEMX9xS8B0a73ofmzuxB6igsKSPOa2zOkIf6uiaVSpPcwMSmfTQ cxcbhL51vwITZgtCvvQFicskLbmd7jxxcYCDzCMeBbm0a+wiX/k0wV4pAW1F0d7P kjYQA72jjpads++FKWCljo1+rqwvnxeh47FIBTk+K7EcHWmcmBFHU3GeFzXBU6K8 bo17BvGhAmg87uly9joJqYUhLtDvewsKs/fLZBPx+MnE8o9bRuL5TwerCfh3RV8B 67lkRDMGTHCYqs0zXsv5nLJfi+RwZJP5MV7NK8jVm3XZMemm+fk= =1Lk2 -----END PGP SIGNATURE-----