DSA-3935-1 postgresql-9.4 -- postgresql-9.4ID: oval:org.secpod.oval:def:603041 | Date: (C)2017-09-05 (M)2023-12-20 |
Class: PATCH | Family: unix |
Several vulnerabilities have been found in the PostgreSQL database system: CVE-2017-7546 In some authentication methods empty passwords were accepted. CVE-2017-7547 User mappings could leak data to unprivileged users. CVE-2017-7548 The lo_put function ignored ACLs. For more in-depth descriptions of the security vulnerabilities, please see https://www.postgresql.org/about/news/1772/