Adding fixed events for postgresql-16 (#9122)

* Adding Fixed Advisory CVE-2024-10979 for postgresql-16 * Adding Fixed Advisory CVE-2024-10976 for postgresql-16 * Adding Fixed Advisory CVE-2024-10977 for postgresql-16 * Adding Fixed Advisory CVE-2024-10978 for postgresql-16 --------- Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
wolfi-dev · Nov 16, 2024 · e186102 · e186102
1 parent 1804428
commit e186102
Showing 1 changed file with 52 additions and 12 deletions.
diff --git a/postgresql-16.advisories.yaml b/postgresql-16.advisories.yaml
@@ -4,16 +4,25 @@ package:
   name: postgresql-16
 
 advisories:
-  - id: CGA-v2w7-gh2g-x2p8
+  - id: CGA-22wr-gxqp-qjmx
     aliases:
-      - CVE-2017-8806
-      - GHSA-xg92-g8h7-v7r4
+      - CVE-2023-5870
+      - GHSA-5gp7-j4r7-g66f
     events:
-      - timestamp: 2023-10-11T19:02:51Z
-        type: false-positive-determination
+      - timestamp: 2023-11-09T15:00:02Z
+        type: fixed
         data:
-          type: component-vulnerability-mismatch
-          note: This CVE appears to impact only Debian/Ubuntu.
+          fixed-version: 16.1-r0
+
+  - id: CGA-59pc-23mh-j555
+    aliases:
+      - CVE-2024-10977
+      - GHSA-62q4-hc79-94qj
+    events:
+      - timestamp: 2024-11-16T10:09:18Z
+        type: fixed
+        data:
+          fixed-version: 16.5-r0
 
   - id: CGA-5q3x-29hx-vv2w
     aliases:
@@ -35,15 +44,15 @@ advisories:
         data:
           fixed-version: 16.1-r0
 
-  - id: CGA-22wr-gxqp-qjmx
+  - id: CGA-7fqw-7hwq-58c2
     aliases:
-      - CVE-2023-5870
-      - GHSA-5gp7-j4r7-g66f
+      - CVE-2024-10979
+      - GHSA-2r9h-x757-8j9q
     events:
-      - timestamp: 2023-11-09T15:00:02Z
+      - timestamp: 2024-11-16T10:09:14Z
         type: fixed
         data:
-          fixed-version: 16.1-r0
+          fixed-version: 16.5-r0
 
   - id: CGA-mv6p-v28g-2892
     aliases:
@@ -54,3 +63,34 @@ advisories:
         type: fixed
         data:
           fixed-version: 16.3-r0
+
+  - id: CGA-mw2g-hp89-4qg6
+    aliases:
+      - CVE-2024-10976
+      - GHSA-9cv8-8vgq-fg45
+    events:
+      - timestamp: 2024-11-16T10:09:16Z
+        type: fixed
+        data:
+          fixed-version: 16.5-r0
+
+  - id: CGA-p7hv-7jrr-6mh7
+    aliases:
+      - CVE-2024-10978
+      - GHSA-37v9-jh5m-f5pg
+    events:
+      - timestamp: 2024-11-16T10:09:21Z
+        type: fixed
+        data:
+          fixed-version: 16.5-r0
+
+  - id: CGA-v2w7-gh2g-x2p8
+    aliases:
+      - CVE-2017-8806
+      - GHSA-xg92-g8h7-v7r4
+    events:
+      - timestamp: 2023-10-11T19:02:51Z
+        type: false-positive-determination
+        data:
+          type: component-vulnerability-mismatch
+          note: This CVE appears to impact only Debian/Ubuntu.