Opened 10 months ago

Closed 9 months ago

#815 closed defect (fixed)

PostgreSQL - New vulnerability published for CVE-2024-0985

Reported by: ascottwwf Owned by: osgeo4w-dev@…
Priority: normal Component: Package
Version: Keywords: PostgreSQL, OSGEO, QGIS LTR 3.28.15
Cc:

Description

Hello,

Further to the earlier ticket #813, PostreSQL have recently published a further vulnerability that affects multiple versions of PostgreSQL (Details here: https://www.postgresql.org/support/security/CVE-2024-0985/).

As part of the earlier ticket #813, you bumped the PostgreSQL version from 15.2 to 16.1 https://github.com/jef-n/OSGeo4W/commit/33f5fb72a3357a56d4ab8da8d96c830815039a48

Would it be possible to now bump this version to v16.2 - as this version includes a number of other bug fixes? (Release Notes: https://www.postgresql.org/about/news/postgresql-162-156-1411-1314-and-1218-released-2807/)

Change History (3)

comment:1 by jef, 10 months ago

Would it be possible to list the client issues?

comment:2 by jef, 10 months ago

PostgreSQL 16 is apparently not even affected.

comment:3 by jef, 9 months ago

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.