git: bd39e99be4b9 - main - security/vuxml: Add vulnerabilities for PostgreSQL
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 14 Aug 2025 14:10:46 UTC
The branch main has been updated by girgen:
URL: https://cgit.FreeBSD.org/ports/commit/?id=bd39e99be4b9ed34cc30d5d75e5e3828d868f9ed
commit bd39e99be4b9ed34cc30d5d75e5e3828d868f9ed
Author: Palle Girgensohn <girgen@FreeBSD.org>
AuthorDate: 2025-08-14 13:01:43 +0000
Commit: Palle Girgensohn <girgen@FreeBSD.org>
CommitDate: 2025-08-14 14:10:16 +0000
security/vuxml: Add vulnerabilities for PostgreSQL
---
security/vuxml/vuln/2025.xml | 46 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 46 insertions(+)
diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index ac97ea411e64..00ad66568474 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -1,3 +1,49 @@
+ <vuln vid="fc048b51-7909-11f0-90a2-6cc21735f730">
+ <topic>PostgreSQL -- vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>postgresql17-server</name>
+ <range><lt>17.6</lt></range>
+ </package>
+ <package>
+ <name>postgresql16-server</name>
+ <range><lt>16.10</lt></range>
+ </package>
+ <package>
+ <name>postgresql15-server</name>
+ <range><lt>14.14</lt></range>
+ </package>
+ <package>
+ <name>postgresql14-server</name>
+ <range><lt>14.19</lt></range>
+ </package>
+ <package>
+ <name>postgresql13-server</name>
+ <range><lt>13.22</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>PostgreSQL project reports:</p>
+ <blockquote cite="https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/">
+ <p>Tighten security checks in planner estimation functions.</p>
+ <p>Prevent pg_dump scripts from being used to attack the user running the restore.</p>
+ <p>Convert newlines to spaces in names included in comments in pg_dump output.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2025-8713</cvename>
+ <cvename>CVE-2025-8714</cvename>
+ <cvename>CVE-2025-8715</cvename>
+ <url>https://www.postgresql.org/about/news/postgresql-176-1610-1514-1419-1322-and-18-beta-3-released-3118/</url>
+ </references>
+ <dates>
+ <discovery>2025-08-11</discovery>
+ <entry>2025-08-14</entry>
+ </dates>
+ </vuln>
+
<vuln vid="7bfe6f39-78be-11f0-9d03-2cf05da270f3">
<topic>Gitlab -- vulnerabilities</topic>
<affects>