MGASA-2015-0207
- Source
- https://advisories.mageia.org/MGASA-2015-0207.html
- Import Source
- https://advisories.mageia.org/MGASA-2015-0207.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2015-0207
- Published
- 2015-05-11T20:10:38Z
- Modified
- 2026-04-16T04:28:39.389442Z
- Summary
- Updated postgis packages fix security vulnerabilities
- Details
-
Updated postgis packages fix security vulnerability:
The PostGIS Raster support in PostGIS before 2.1.3 may give more privileges to users than an administrator is willing to grant. These include reading files from the filesystem and opening connections to network hosts.
The postgis package has been updated to version 2.1.7, fixing this issue and several other bugs.
Please see the upstream release announcements and NEWS for more information.
- References
-
- https://advisories.mageia.org/MGASA-2015-0207.html
- https://bugs.mageia.org/show_bug.cgi?id=15741
- http://postgis.net/2013/11/08/postgis-2.1.1
- http://postgis.net/2014/03/31/postgis-2.1.2
- http://postgis.net/2014/05/19/postgis-2.0.6_and_2.1.3
- http://postgis.net/2014/09/10/postgis-2.1.4
- http://postgis.net/2014/12/18/postgis-2.1.5
- http://postgis.net/2015/03/20/postgis-2.1.6
- http://postgis.net/2015/04/06/postgis-2.1.7
- http://svn.osgeo.org/postgis/tags/2.1.7/NEWS
- https://lists.fedoraproject.org/pipermail/package-announce/2015-April/154704.html
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:4 / postgis
Package
- Name
- postgis
- Purl
- pkg:rpm/mageia/postgis?arch=source&distro=mageia-4