RHSA-2022:4894: Red Hat Security Advisory: postgresql:10 security update
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit “security restricted operation” sandbox
Issued:
2022-06-02
Updated:
2022-06-03
Synopsis
Important: postgresql:10 security update
Type/Severity
Security Advisory: Important
Topic
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
PostgreSQL is an advanced object-relational database management system (DBMS).
The following packages have been upgraded to a later upstream version: postgresql (10.21).
Security Fix(es):
- postgresql: Autovacuum, REINDEX, and others omit “security restricted operation” sandbox (CVE-2022-1552)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
If the postgresql service is running, it will be automatically restarted after installing this update.
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Fixes
- BZ - 2081126 - CVE-2022-1552 postgresql: Autovacuum, REINDEX, and others omit “security restricted operation” sandbox
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1
SRPM
postgresql-10.21-2.module+el8.1.0+15339+34e1e10d.src.rpm
ppc64le
postgresql-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-contrib-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-contrib-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-debugsource-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-docs-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-docs-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-plperl-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-plperl-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-plpython3-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-plpython3-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-pltcl-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-pltcl-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-server-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-server-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-server-devel-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-server-devel-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-static-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-test-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-test-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-test-rpm-macros-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-upgrade-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-upgrade-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-upgrade-devel-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
postgresql-upgrade-devel-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.ppc64le.rpm
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.1
SRPM
postgresql-10.21-2.module+el8.1.0+15339+34e1e10d.src.rpm
x86_64
postgresql-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-contrib-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-contrib-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-debugsource-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-docs-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-docs-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-plperl-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-plperl-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-plpython3-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-plpython3-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-pltcl-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-pltcl-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-server-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-server-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-server-devel-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-server-devel-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-static-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-test-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-test-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-test-rpm-macros-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-upgrade-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-upgrade-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-upgrade-devel-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
postgresql-upgrade-devel-debuginfo-10.21-2.module+el8.1.0+15339+34e1e10d.x86_64.rpm
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Gentoo Linux Security Advisory 202211-4 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in remote code execution. Versions greater than or equal to 10.22:10 are affected.
Red Hat Security Advisory 2022-6252-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.784. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2022-5162-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2022-4915-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2022-4913-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2022-4895-01 - PostgreSQL is an advanced object-relational database management system.
An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
Red Hat Security Advisory 2022-4855-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2022-4857-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2022-4856-01 - PostgreSQL is an advanced object-relational database management system.
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
Red Hat Security Advisory 2022-4807-01 - PostgreSQL is an advanced object-relational database management system.
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
Ubuntu Security Notice 5440-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user's objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser.