Andres Freund

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 8.1.33 PHP versions prior to 8.2.29 PHP versions prior to 8.3.23 PHP versions prior to 8.4 php7.4 php8.2 **Description** The `pgsql` and `pdo pgsql` escaping functions do not verify if the underlying quoting functions return errors. This can lead to crashes if the Postgres server rejects a string as invalid. **Recommendations** PHP versions prior to 8.1.33: Upgrade to version 8.1.33 or later. PHP versions prior to 8.2.29: Upgrade to version 8.2.29 or later. PHP versions prior to 8.3.23: Upgrade to version 8.3.23 or later. PHP versions prior to 8.4: Upgrade to version 8.4.10 or later. php7.4: Upgrade to a supported version. php8.2: Upgrade to a supported version.

**Name of the Vulnerable Software and Affected Versions** XZ Utils versions 5.6.0 through 5.6.1 **Description** Malicious code was discovered in the upstream tarballs of XZ Utils. Through complex obfuscations, the `liblzma` build process extracts a prebuilt object file from a disguised test file in the source code, which is then used to modify specific functions within the `liblzma` library. This supply chain compromise allows a remote attacker to bypass OpenSSH authentication and execute arbitrary code with root-level privileges. The attack involves intercepting and modifying data interactions by hooking the dynamic linker and replacing functions such as `crc32 resolve()`, `crc64 resolve()`, and `RSA public decrypt()`. The exploit is specifically designed for x86-64 Linux systems built with gcc and the GNU linker, under specific environment conditions such as the absence of the `TERM` variable and the presence of the `LANG` variable. **Recommendations** Downgrade to XZ Utils version 5.4.6 or earlier for versions 5.6.0 through 5.6.1.

**Name of the Vulnerable Software and Affected Versions** postgresql (affected versions not specified) **Description** A flaw was found in postgresql. Using an `INSERT ... ON CONFLICT ... DO UPDATE` command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this issue is to data confidentiality. This issue is related to memory disclosure errors in the implementation of the `INSERT ... ON CONFLICT ... DO UPDATE` command. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PostgreSQL versions prior to 12.4 PostgreSQL versions prior to 11.9 PostgreSQL versions prior to 10.14 PostgreSQL versions prior to 9.6.19 PostgreSQL versions prior to 9.5.23 **Description** The issue is related to PostgreSQL extensions not using the search path safely in their installation scripts. This could allow an attacker with sufficient privileges to trick an administrator into executing a specially crafted script during the installation or update of such an extension, potentially leading to unauthorized access to confidential data, disruption of data integrity, and denial of service. **Recommendations** For versions prior to 12.4, update to version 12.4 or later. For versions prior to 11.9, update to version 11.9 or later. For versions prior to 10.14, update to version 10.14 or later. For versions prior to 9.6.19, update to version 9.6.19 or later. For versions prior to 9.5.23, update to version 9.5.23 or later.

**Name of the Vulnerable Software and Affected Versions** PostgreSQL versions prior to 8.4.20 PostgreSQL versions 9.0.x prior to 9.0.16 PostgreSQL versions 9.1.x prior to 9.1.12 PostgreSQL versions 9.2.x prior to 9.2.7 PostgreSQL versions 9.3.x prior to 9.3.3 **Description** The issue allows remote authenticated users to gain privileges via a function that is defined in another language or not allowed to be directly called by the user due to permissions. This is related to errors occurring when calling a program function defined in a different language or one that the user cannot directly call due to access rights. **Recommendations** For versions prior to 8.4.20, update to version 8.4.20 or later. For versions 9.0.x prior to 9.0.16, update to version 9.0.16 or later. For versions 9.1.x prior to 9.1.12, update to version 9.1.12 or later. For versions 9.2.x prior to 9.2.7, update to version 9.2.7 or later. For versions 9.3.x prior to 9.3.3, update to version 9.3.3 or later.

**Name of the Vulnerable Software and Affected Versions** PostgreSQL versions prior to 8.4.20 PostgreSQL versions 9.0.x prior to 9.0.16 PostgreSQL versions 9.1.x prior to 9.1.12 PostgreSQL versions 9.2.x prior to 9.2.7 PostgreSQL versions 9.3.x prior to 9.3.3 **Description** A race condition exists in the CREATE INDEX and ALTER TABLE commands, allowing remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window. This issue can also lead to privilege escalation. **Recommendations** For versions prior to 8.4.20, update to version 8.4.20 or later. For versions 9.0.x prior to 9.0.16, update to version 9.0.16 or later. For versions 9.1.x prior to 9.1.12, update to version 9.1.12 or later. For versions 9.2.x prior to 9.2.7, update to version 9.2.7 or later. For versions 9.3.x prior to 9.3.3, update to version 9.3.3 or later.