Debian Security Advisory
DSA-4439-1 postgresql-9.6 -- security update
- Date Reported:
- 09 May 2019
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2019-10130.
- More information:
Dean Rasheed discovered that row security policies in the PostgreSQL database system could be bypassed.
For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1939/
For the stable distribution (stretch), this problem has been fixed in version 9.6.13-0+deb9u1.
We recommend that you upgrade your postgresql-9.6 packages.
For the detailed security status of postgresql-9.6 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/postgresql-9.6