04.110.2025 - PgBouncer 1.24.1 released - Fixes CVE-2025-2291
|
PgBouncer 1.24.1 has been released. This release fixes CVE-2025-2291, which
could allow an attacker to bypass Postgres its password expiry. Such a password
expiry would have been set up in Postgres using the VALID UNTIL clause. This
is a security issue that affects all versions of PgBouncer. If you use both
VALID UNTIL and auth_user then you should upgrade, or change the
auth_query in your config file to the new auth_query that is used by
default in this release. If you are using a custom auth_query then you should
update it be similar to the new default auth_query in this release.
- Download PostgreSQL
- View Press Release
- Visit PostgreSQL
|
|
|
|
NID: 97336 / Submitted by: The Zilla of Zuron
|
| Categories:
Server Applications, Open Source, Press Release
|
| Most recent PostgreSQL-Press related news. |
|
PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 Released!
|
|
PostgreSQL Conference Germany 2026
|
|
CloudNativePG 1.28.0 RC1 Released!
|
|
pgEdge Announces CloudNativePG Integration, Simplifying Postgres on Kubernetes
|
|
PgBouncer 1.25.0 released
|
|
View archive of PostgreSQL-Press related news.
|
 Digg
 del.icio.us
 Furl
 Google Bookmarks
 Yahoo! My Web
 AddThis Bookmark
|
