[Git][security-tracker-team/security-tracker][master] Add CVE-2025-4207/PostgreSQL

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 8 21:55:31 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
de1e4ddb by Salvatore Bonaccorso at 2025-05-08T22:55:00+02:00
Add CVE-2025-4207/PostgreSQL

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,14 @@ CVE-2025-4475 (Issue in my product in blah version x on y allows bad person to b
 CVE-2025-4208 (The NEX-Forms \u2013 Ultimate Form Builder \u2013 Contact forms and mu ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-4207 (Buffer over-read in PostgreSQL GB18030 encoding validation allows a da ...)
-	TODO: check
+	- postgresql-17 17.5-1
+	- postgresql-15 <removed>
+	[bookworm] - postgresql-15 <no-dsa> (Minor issue)
+	- postgresql-13 <removed>
+	NOTE: https://www.postgresql.org/about/news/postgresql-175-169-1513-1418-and-1321-released-3072/
+	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=ec5f89e8a29f32c7dbc4dd8734ed8406d771de2f (REL_17_5)
+	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=44ba3f55f552b56b2fbefae028fcf3ea5b53461d (REL_15_13)
+	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=cbadeaca9271a1bade8ef9790bae09dc92e0ed30 (REL_13_21)
 CVE-2025-4132 (Rapid7 Corporate Website prior to May 2nd 2025, suffered from a URL Re ...)
 	NOT-FOR-US: Rapid7
 CVE-2025-4098 (Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is vulnerable t ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de1e4ddbf559d4bf19b51ecad235252a4ad1c394

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de1e4ddbf559d4bf19b51ecad235252a4ad1c394
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250508/89d07dea/attachment.htm>

More information about the debian-security-tracker-commits mailing list