| Package | postgresql-9.4 |
|---|---|
| Version | 9.4.26-0+deb8u7 (jessie) |
| Related CVEs | CVE-2023-2454 |
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an attacker with elevated database-level privileges to execute arbitrary code.
For Debian 8 jessie, these problems have been fixed in version 9.4.26-0+deb8u7.
We recommend that you upgrade your postgresql-9.4 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.