RHSA-2022:4915: Red Hat Security Advisory: rh-postgresql12-postgresql security update
An update for rh-postgresql12-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit “security restricted operation” sandbox
Issued: 2022-06-06
Updated: 2022-06-06
RHSA-2022:4915 - Security Advisory
Synopsis
Important: rh-postgresql12-postgresql security update
Type/Severity
Security Advisory: Important
Topic
An update for rh-postgresql12-postgresql is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
PostgreSQL is an advanced object-relational database management system (DBMS).
The following packages have been upgraded to a later upstream version: rh-postgresql12-postgresql (12.11).
Security Fix(es):
- postgresql: Autovacuum, REINDEX, and others omit “security restricted operation” sandbox (CVE-2022-1552)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
If the postgresql service is running, it will be automatically restarted after installing this update.
Affected Products
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
- Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
Fixes
- BZ - 2081126 - CVE-2022-1552 postgresql: Autovacuum, REINDEX, and others omit “security restricted operation” sandbox
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7
SRPM
rh-postgresql12-postgresql-12.11-1.el7.src.rpm
x86_64
rh-postgresql12-postgresql-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-debuginfo-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-devel-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-docs-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-libs-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plperl-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plpython-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-pltcl-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-syspaths-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-static-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-syspaths-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-test-12.11-1.el7.x86_64.rpm
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7
SRPM
rh-postgresql12-postgresql-12.11-1.el7.src.rpm
s390x
rh-postgresql12-postgresql-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-contrib-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-debuginfo-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-devel-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-docs-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-libs-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-plperl-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-plpython-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-pltcl-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-server-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-server-syspaths-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-static-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-syspaths-12.11-1.el7.s390x.rpm
rh-postgresql12-postgresql-test-12.11-1.el7.s390x.rpm
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7
SRPM
rh-postgresql12-postgresql-12.11-1.el7.src.rpm
ppc64le
rh-postgresql12-postgresql-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-contrib-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-debuginfo-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-devel-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-docs-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-libs-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-plperl-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-plpython-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-pltcl-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-server-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-server-syspaths-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-static-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-syspaths-12.11-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-test-12.11-1.el7.ppc64le.rpm
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7
SRPM
rh-postgresql12-postgresql-12.11-1.el7.src.rpm
x86_64
rh-postgresql12-postgresql-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-debuginfo-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-devel-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-docs-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-libs-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plperl-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plpython-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-pltcl-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-syspaths-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-static-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-syspaths-12.11-1.el7.x86_64.rpm
rh-postgresql12-postgresql-test-12.11-1.el7.x86_64.rpm
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Gentoo Linux Security Advisory 202211-4 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in remote code execution. Versions greater than or equal to 10.22:10 are affected.
Red Hat Security Advisory 2022-6252-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 3.11.784. Issues addressed include a bypass vulnerability.
An update for postgresql is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
Red Hat Security Advisory 2022-4915-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2022-4913-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2022-4894-01 - PostgreSQL is an advanced object-relational database management system.
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
Red Hat Security Advisory 2022-4857-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2022-4854-01 - PostgreSQL is an advanced object-relational database management system.
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
Red Hat Security Advisory 2022-4805-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2022-4771-01 - PostgreSQL is an advanced object-relational database management system.
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-1552: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox
Ubuntu Security Notice 5440-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user's objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser.