pgpool2 (4.3.5-1)
[PTS] [DDPO]
OK: VCS matches the version in the archive
- Git: https://salsa.debian.org/postgresql/pgpool2.git
-
- Branch: master
- Path: debian/changelog
- Repo size: 32690176
- Browser: https://salsa.debian.org/postgresql/pgpool2
- Last scan: 2023-03-18 16:24:31+00
- Next scan: 2023-03-26 21:02:00+00
- CI pipeline status: failed
- Debian changelog in Git:
pgpool2 (4.3.5-1) unstable; urgency=medium
* New upstream version 4.3.5. (Closes: #1030048)
+ Fixes Information disclosure vulnerability CVE-2023-22332:
A specific database user's authentication information may be obtained
by another database user. As a result, the information stored in the
database may be altered and/or database may be suspended by a remote
attacker who successfully logged in the product with the obtained
credentials.
* debian/pgpool2.service: Start after network.target.
-- Christoph Berg <myon@debian.org> Wed, 01 Mar 2023 11:09:35 +0100
- This branch is even with tag debian/4.3.5-1