Bug report #21595

vulnerability in QGIS

Added by qy li 9 months ago. Updated 9 months ago.

Status:Open
Priority:High
Assignee:Jürgen Fischer
Category:Windows Package
Affected QGIS version:3.6.0 Regression?:No
Operating System: Easy fix?:No
Pull Request or Patch supplied:No Resolution:fixed/implemented
Crashes QGIS or corrupts data:No Copied to github as #:29411

Description

In QGIS 3.4.3 our vulnerability scanner identified an very critical issue with "C:\Program Files\QGIS 3.4\bin\psql.exe" from the component PostgreSQL 9.2.4.13228. The suggested solution is to "update to version 9.6.4, 9.5.8, 9.4.13, 9.3.18, or 9.2.22".
----
Im Produkt QGIS 3.4.3 ist unter dem Pfad „C:\Program Files\QGIS 3.4\bin\psql.exe“ die Komponente PostgreSQL 9.2.4.13228 als Schwachstelle identifiziert worden. Die Sicherheitslücke wird als sehr kritisch bewertet. Die vorgeschlagene Lösung nach unserem Schwachstellenscanner lautet die Komponente PostgreSQL „Update to version 9.6.4, 9.5.8, 9.4.13, 9.3.18, or 9.2.22.“.

History

#1 Updated by Jürgen Fischer 9 months ago

  • File deleted (SnipImage.JPG)

#2 Updated by Jürgen Fischer 9 months ago

  • Affected QGIS version changed from 3.4.3 to 3.6.0
  • Subject changed from Schwachstelle in QGIS to vulnarability in QGIS

#3 Updated by Jürgen Fischer 9 months ago

  • Description updated (diff)
  • Subject changed from vulnarability in QGIS to vulnerability in QGIS

Also available in: Atom PDF