-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3644-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Chris Lamb November 03, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : phppgadmin Version : 5.1+ds-4+deb10u1 CVE ID : CVE-2023-40619 Debian Bug : 1053004 It was discovered there was a potential remote code execution vulnerability in phppgadmin, a web-based administration tool for the PostgreSQL database server. This issue concerned the deserialisation of untrusted data which may have led to remote code execution because user-controlled data was being passed directly to the PHP 'unserialize()' function. For Debian 10 buster, this problem has been fixed in version 5.1+ds-4+deb10u1. We recommend that you upgrade your phppgadmin packages. For the detailed security status of phppgadmin please refer to its security tracker page at: https://security-tracker.debian.org/tracker/phppgadmin Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmVErT8ACgkQHpU+J9Qx HlhuyQ//QBTZc7HQZhlJWbVu6d0qxNY2CgX3kZo0wkO/txWWNWMRHaZy/HbTQgPI 7/up4G7tnb1i0pXYHkxy6dYydp46RlW0qSw9uCSzN3PTL6BJdUbM8l6kh/I+sDCw Mp3L1s50IuHUxAMvdllOricNamyxrbuwqptowcqe8SNP05iBKYrLir25CucHNahb kSNwkJtStZzYoaCaRX4+cMraqvLiTYHiv9NymbNDKw7iReBrGcq0RAK1lW95y07S ECn3eJYHwgkvjxCNA8qQj3fct0w16neHr+DiO7GKRxExqk66vSLC5qWhPp7e4noy OfWUlcwpDK4YfebrlPjUL9zrTYIpESqUhgUV57VqO2lG7sNPAJLgBYo98QDTVx1y vYQMxwHZvYmVZ8nOruCgrhcc2+ibB32DMBbN9i9YNV5G+qeUBtWcdszZeRiYRZ9O 7t+MjyCBqwZOv8rbkZziqvftik3taZiFbt/jUsbzRzRxfx8RDBGcG9hdEqNYAIwi 250S0NYRmflQSD5RLGxaBP02c7VQOZBtTKf6HwqH8LmldKiZiaVZHUlorUZ0PwKa 3/sIbBG1lA0p15Zfb/bhh7hzQ11oejk/zsQ6KPposmmOsHMhyJmk/u0J1lTDH6TN KDOAHxR89eC2eRCSqgrIYok8v6fO2kY4/EiquW1eDgv+VmOWCwg= =cih6 -----END PGP SIGNATURE-----