[Git][security-tracker-team/security-tracker][master] Add golang-github-jackc-pgconn for CVE-2024-27304
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Mar 18 21:57:05 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f07bca41 by Salvatore Bonaccorso at 2026-03-18T22:56:15+01:00
Add golang-github-jackc-pgconn for CVE-2024-27304
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -242918,10 +242918,15 @@ CVE-2024-27304 (pgx is a PostgreSQL driver and toolkit for Go. SQL injection can
- golang-github-jackc-pgx 4.18.1-2 (bug #1065687)
[bookworm] - golang-github-jackc-pgx <no-dsa> (Minor issue)
[bullseye] - golang-github-jackc-pgx <no-dsa> (Minor issue)
+ [experimental] - golang-github-jackc-pgconn 1.14.3-1~exp0
+ - golang-github-jackc-pgconn <unfixed> (bug #1131154)
+ [trixie] - golang-github-jackc-pgconn <no-dsa> (Minor issue)
+ [bookworm] - golang-github-jackc-pgconn <no-dsa> (Minor issue)
NOTE: https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv
NOTE: https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4 (v5.5.4)
NOTE: https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8 (v5.5.4)
NOTE: https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df (v4.18.2)
+ NOTE: https://github.com/jackc/pgconn/commit/c672dff9d7a456abb81542ba5e61c372540e54b7 (v1.14.2)
CVE-2024-27303 (electron-builder is a solution to package and build a ready for distri ...)
NOT-FOR-US: electron-builder
CVE-2024-27302 (go-zero is a web and rpc framework. Go-zero allows user to specify a C ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f07bca41ef85b13e0dd5a3a5374419450850f664
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f07bca41ef85b13e0dd5a3a5374419450850f664
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260318/64938594/attachment.htm>
More information about the debian-security-tracker-commits
mailing list