[Osgeo4w-trac] [osgeo4w] #813: Vulnerable PostgreSQL 15.2.0 executable exists after install latest of QGIS LTR 3.28.15 using the OSGEO4W installer

OSGeo4W trac_osgeo4w at osgeo.org
Wed Jan 31 11:26:53 PST 2024


#813: Vulnerable PostgreSQL 15.2.0 executable exists after install latest of QGIS
LTR 3.28.15 using the OSGEO4W installer
------------------------------------------------+--------------------------
Reporter:  ascottwwf                            |       Owner:  osgeo4w-
                                                |  dev@…
    Type:  defect                               |      Status:  new
Priority:  major                                |   Component:  Package
 Version:                                       |  Resolution:
Keywords:  PostgreSQL, OSGEO, QGIS LTR 3.28.15  |
------------------------------------------------+--------------------------
Comment (by jratike80):

 I do not know why the pg_dump https://www.postgresql.org/docs/current/app-
 pgdump.html program comes with QGIS, but I do not see this backup/restore
 utility mentioned in the vulnerabilities
 https://security.snyk.io/package/linux/debian:12/postgresql-15.
-- 
Ticket URL: <https://trac.osgeo.org/osgeo4w/ticket/813#comment:2>
OSGeo4W <http://trac.osgeo.org/osgeo4w>
OSGeo4W is the Windows installer and package environment for the OSGeo stack.


More information about the Osgeo4w-trac mailing list