PostgreSQL: Multiple vulnerabilities

PostgreSQL: Multiple vulnerabilities Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in the execution of arbitrary code. postgresql 2020-03-12 2020-03-12 685846 688420 709708 local, remote 9.4.26 9.5.21 9.6.17 10.12 11.7 12.2 9.4.26 9.5.21 9.6.17 10.12 11.7 12.2

PostgreSQL is an open source object-relational database management system.

Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details.

A remote attacker could possibly execute arbitrary code with the privileges of the process, bypass certain client-side connection security features, read arbitrary server memory, alter certain data or cause a Denial of Service condition.

There is no known workaround at this time.

All PostgreSQL 9.4.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.4.26:9.4"

All PostgreSQL 9.5.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.5.21:9.5"

All PostgreSQL 9.6.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/postgresql-9.6.17:9.6"

All PostgreSQL 10.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/postgresql-10.12:10"

All PostgreSQL 11.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/postgresql-11.7:11"

All PostgreSQL 12.x users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-db/postgresql-12.2:12"

CVE-2019-10129 CVE-2019-10130 CVE-2019-10164 CVE-2020-1720 whissi whissi