[Osgeo4w-trac] [osgeo4w] #815: PostgreSQL - New vulnerability published for CVE-2024-0985

OSGeo4W trac_osgeo4w at osgeo.org
Fri Feb 16 03:09:54 PST 2024


#815: PostgreSQL - New vulnerability published for CVE-2024-0985
----------------------+-------------------------------------------------
Reporter:  ascottwwf  |      Owner:  osgeo4w-dev@…
    Type:  defect     |     Status:  new
Priority:  normal     |  Component:  Package
 Version:             |   Keywords:  PostgreSQL, OSGEO, QGIS LTR 3.28.15
----------------------+-------------------------------------------------
 Hello,

 Further to the earlier ticket [#813], PostreSQL have recently published a
 further vulnerability that affects multiple versions of PostgreSQL
 (Details here:
 [https://www.postgresql.org/support/security/CVE-2024-0985/]).

 As part of the earlier ticket [#813], you bumped the PostgreSQL version
 from 15.2 to 16.1
 [https://github.com/jef-n/OSGeo4W/commit/33f5fb72a3357a56d4ab8da8d96c830815039a48]

 Would it be possible to now bump this version to v16.2 - as this version
 includes a number of other bug fixes? (Release Notes:
 [https://www.postgresql.org/about/news/postgresql-162-156-1411-1314-and-1218-released-2807/])
-- 
Ticket URL: <https://trac.osgeo.org/osgeo4w/ticket/815>
OSGeo4W <http://trac.osgeo.org/osgeo4w>
OSGeo4W is the Windows installer and package environment for the OSGeo stack.


More information about the Osgeo4w-trac mailing list