|
Bugzilla – Activity log for bug 1214059: VUL-0: CVE-2023-39417: postgresql12,postgresql13,postgresql14,postgresql15: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign |
Back to bug 1214059
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| maint-coord+maintenance-robot | 2023-08-08 09:15:02 UTC | Priority | P5 - None | P3 - Medium |
| cathy.hu | 2023-08-08 09:57:12 UTC | URL | https://smash.suse.de/issue/374471/ | |
| cathy.hu | 2023-08-08 10:31:00 UTC | Summary | VUL-0: EMBARGOED: CVE-2023-39417: postgresql: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign | VUL-0: EMBARGOED: CVE-2023-39417: postgresql12,postgresql13,postgresql14,postgresql15: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign |
| smash_bz | 2023-08-08 10:32:07 UTC | Whiteboard | CVSSv3.1:SUSE:CVE-2023-39417:6.3:(AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N) | |
| thomas.leroy | 2023-08-10 07:59:03 UTC | CC | thomas.leroy | |
| max | 2023-08-10 13:15:59 UTC | Status | NEW | IN_PROGRESS |
| gianluca.gabrielli | 2023-08-10 15:29:30 UTC | CC | gianluca.gabrielli | |
| gianluca.gabrielli | 2023-08-10 15:29:43 UTC | Summary | VUL-0: EMBARGOED: CVE-2023-39417: postgresql12,postgresql13,postgresql14,postgresql15: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign | VUL-0: CVE-2023-39417: postgresql12,postgresql13,postgresql14,postgresql15: Disallow substituting a schema or owner name into an extension script if the name contains a quote, backslash, or dollar sign |
| Group | SUSE Security Internal | |||
| max | 2023-08-14 12:37:46 UTC | Assignee | max | security-team |
| CC | max | |||
| cathy.hu | 2023-09-25 12:24:54 UTC | Resolution | --- | FIXED |
| Status | IN_PROGRESS | RESOLVED |
Back to bug 1214059