[Git][security-tracker-team/security-tracker][master] Reserve DLA-4420-1 for postgresql-13

Thu Dec 25 20:56:45 GMT 2025


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
971374d0 by Utkarsh Gupta at 2025-12-26T02:26:32+05:30
Reserve DLA-4420-1 for postgresql-13

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15872,7 +15872,6 @@ CVE-2025-12818 (Integer wraparound in multiple PostgreSQL libpq client library f
 	- postgresql-15 <removed>
 	[bookworm] - postgresql-15 <no-dsa> (Minor issue)
 	- postgresql-13 <removed>
-	[bullseye] - postgresql-13 <postponed> (Minor issue)
 	NOTE: https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/
 	NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=600086f471a3bb57ff4953accf1d3f8d2efe0201 (master)
 	NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=7eb8fcad860e9a0548191dab7a87a5bead5f8e91 (REL_18_1)
@@ -15886,7 +15885,6 @@ CVE-2025-12817 (Missing authorization in PostgreSQL CREATE STATISTICS command al
 	- postgresql-15 <removed>
 	[bookworm] - postgresql-15 <no-dsa> (Minor issue)
 	- postgresql-13 <removed>
-	[bullseye] - postgresql-13 <postponed> (Minor issue)
 	NOTE: https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/
 	NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=5e4fcbe531c668b4112beedde97aac79724074c5 (master)
 	NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=00eb646ea43410e5df77fed96f4a981e66811796 (REL_18_1)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Dec 2025] DLA-4420-1 postgresql-13 - security update
+	{CVE-2025-12817 CVE-2025-12818}
+	[bullseye] - postgresql-13 13.23-0+deb11u1
 [25 Dec 2025] DLA-4419-1 gst-plugins-good1.0 - security update
 	{CVE-2025-47183 CVE-2025-47219}
 	[bullseye] - gst-plugins-good1.0 1.18.4-2+deb11u4



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/971374d08f7eda822acf319f7ff8b32ef08e5405

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/971374d08f7eda822acf319f7ff8b32ef08e5405
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251225/67cee4cb/attachment.htm>
