FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
45b8716b-c707-11eb-b9a0-6805ca0b3d42	pglogical -- shell command injection in pglogical.create_subscription() 2ndQuadrant reports: Fix pg_dump/pg_restore execution (CVE-2021-3515) Correctly escape the connection string for both pg_dump and pg_restore so that exotic database and user names are handled correctly. Reported by Pedro Gallegos Discovery 2021-06-01 Entry 2021-06-06 pglogical < 2.3.4 CVE-2021-3515 https://github.com/2ndQuadrant/pglogical/releases/tag/REL2_3_4 https://bugzilla.redhat.com/show_bug.cgi?id=1954112

VuXML ID

Description

45b8716b-c707-11eb-b9a0-6805ca0b3d42

pglogical -- shell command injection in pglogical.create_subscription()

2ndQuadrant reports:

Fix pg_dump/pg_restore execution (CVE-2021-3515)

Correctly escape the connection string for both pg_dump and pg_restore so that exotic database and user names are handled correctly.

Reported by Pedro Gallegos

Discovery 2021-06-01
Entry 2021-06-06
pglogical

< 2.3.4

CVE-2021-3515
https://github.com/2ndQuadrant/pglogical/releases/tag/REL2_3_4
https://bugzilla.redhat.com/show_bug.cgi?id=1954112