[Git][security-tracker-team/security-tracker][master] dla: re-add postgresql-13

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Mon Feb 17 10:42:17 GMT 2025 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
751e98c4 by Sylvain Beucler at 2025-02-17T11:41:51+01:00
dla: re-add postgresql-13

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -665,6 +665,7 @@ CVE-2025-1094 (Improper neutralization of quoting syntax in PostgreSQL libpq fun
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=dd3c1eb38e9add293f8be59b6aec7574e8584bdb (REL_17_3)
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=05abb0f8303a78921f7113bee1d72586142df99e (REL_17_3)
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=85c1fcc6563843d7ee7ae6f81f29ef813e77a4b6 (REL_17_3)
+	NOTE: Regression: https://www.openwall.com/lists/oss-security/2025/02/16/3
 CVE-2025-21701 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.12.13-1
 	NOTE: https://git.kernel.org/linus/12e070eb6964b341b41677fd260af5a305316a1f (6.14-rc1)


=====================================
data/dla-needed.txt
=====================================
@@ -215,6 +215,12 @@ php-twig
 phpmyadmin (Chris Lamb)
   NOTE: 20250209: Added by Front-Desk (apo)
 --
+postgresql-13
+  NOTE: 20250217: Added by Front-Desk (Beuc)
+  NOTE: 20250213: CVE-2025-1094 regression reported, fixed to be released on 20250220
+  NOTE: 20250213: https://www.openwall.com/lists/oss-security/2025/02/16/3
+  NOTE: 20250213: Needs DLA-4052-1 regression fix (Beuc/front-desk)
+--
 python-werkzeug (Chris Lamb)
   NOTE: 20250209: Added by Front-Desk (apo)
   NOTE: 20250209: CVE-2024-34069 was already fixed in bookworm. (apo)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/751e98c4f0cb2ad31b102f40d33bac455b1b172f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/751e98c4f0cb2ad31b102f40d33bac455b1b172f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250217/7fb4570f/attachment.htm>

More information about the debian-security-tracker-commits mailing list