Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:1576: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
  • CVE-2022-41862: A flaw was found In PostgreSQL. A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions, a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
Red Hat Security Data
Open in Source
#sql#vulnerability#mac#linux#red_hat#perl#auth#ibm#postgres

Issued:

2023-04-04

Updated:

2023-04-04

RHSA-2023:1576 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: postgresql:13 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

  • postgresql: Extension scripts replace objects not belonging to the extension. (CVE-2022-2625)
  • postgresql: Client memory disclosure when connecting with Kerberos to modified server (CVE-2022-41862)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2113825 - CVE-2022-2625 postgresql: Extension scripts replace objects not belonging to the extension.
  • BZ - 2165722 - CVE-2022-41862 postgresql: Client memory disclosure when connecting with Kerberos to modified server

Red Hat Enterprise Linux for x86_64 8

SRPM

pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.src.rpm

SHA-256: cf5bb68a93506815947a641a4bae89bc8fc115702e717c450fc3e37a54ad3976

pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.src.rpm

SHA-256: 69d37c6427f18ed1bd6d29cb2f54e083fb125c162fcb59a687c67528a2fb08e9

postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.src.rpm

SHA-256: 1afa4d664011737a91d8efe7f3ba1f1f9bd6c8e7c510d867bbd1ff41832fe95a

postgresql-13.10-1.module+el8.7.0+18279+1ca8cf12.src.rpm

SHA-256: fd2cc44a7863e6d94be2ed0bdde701959ab8e9cb88983a81aced694f119b077f

x86_64

postgresql-test-rpm-macros-13.10-1.module+el8.7.0+18279+1ca8cf12.noarch.rpm

SHA-256: a0196cdd533aeabcbaae4e7b75704af7ab4eac8a8cda43f9ba0db543c3a82de2

pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm

SHA-256: ca85a22006bcc34f5c248b316e7cd4f4e85dd9b567d2c981f74d379062c844b4

pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm

SHA-256: 557512e3ee00e5a6d5ff46d4443efd853f36d6030c9ed8776c0915d29d081f60

pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm

SHA-256: ab85bdfa7d6d9b2e50f316880881239ce99e0915979a65b144349b95b844fa6b

pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm

SHA-256: 0ee2cdf7b40988a40a70294764149d58ef44f12b69ac85752465444a5b011340

pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm

SHA-256: ed444ce541962f85a37cae58466a203788f69a184d7dbeec159d7b424ab0ff8c

pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm

SHA-256: 3092f6f3bd32f8b30489fed2aad9d9884f77da6872a53d6b183a49b0224e7d91

postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm

SHA-256: c2d5f6f1d41fd29098090d75b4927696fc01450d42ae75311c14056e574645c0

postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm

SHA-256: 7275a1229edefdcf0df138ea35e317fb9143461c6122cb4c8a3ec2821f5e1b65

postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm

SHA-256: c7145f0c47def50c037cd2694d408fa03627e7581a1303e8d7ccfb5cf47918e6

postgresql-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: ae94b5bba4c1981093aedfec5abea73ed8015c446e212d0260c9ad6ee2640c43

postgresql-contrib-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 8947d9b103d64bcc5a4b3623535f41be6eda15934cb3de8a7400f0a846a61495

postgresql-contrib-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: dc3ee58cbe1da3ff9e7aa19858d8f0e4933bd13248c56d6549f985ee3742e4ba

postgresql-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 52b63c88b508bb66c4910b1ffbc90497e73ffc183401e1a9693ef161b0ff89a3

postgresql-debugsource-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 03cc0f8b3dd2f7de52897e287b1097f781a177df3dd92335d50d1f2f5a5cbdc2

postgresql-docs-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 691a7889262b4d2c5486113eb6e6b177f601c10190728d5cd913afcf37fe07a8

postgresql-docs-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 424b7ff2ad87eff5019faf02025bd998600474226f9550ccedef24ec45a75de0

postgresql-plperl-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 73f19428f22ccf98d4bbf629bea6b211f6071eb7123538364f85ea2d455f640a

postgresql-plperl-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 6d2a644788741776224574ae412ca551a71d137edbc50067b8d6e84c15c4b494

postgresql-plpython3-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 8bce70053aaf7e09e062683d6ce848b0f7baf67384311fd2a6c4e8c4cebb223b

postgresql-plpython3-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: ebcd71312ae5f6facb9d5be3df11b1c07a709d9a1dd2ae5150008421440955bd

postgresql-pltcl-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: fefd6e6db7af7c179a1f3e061f9e0332b2267c44401037657acbd0cbd2050e83

postgresql-pltcl-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: a677ecabebb156774acdab70defe77fb6aef9b96bdcf980c051eeeef7e4bf1c8

postgresql-server-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: af5e92721b6ce3b0c1cfeeebf00bb0ef6a43e41d2c60bd26f56a2886b614a692

postgresql-server-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: a79ee607cadb85187c600cfc56da09256ea3e5fca2e00f93c9309332bad3ec33

postgresql-server-devel-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 006942d32ae6609ea16bd4a6678a71b01f83fd0fb4f95f749180db29dd463fba

postgresql-server-devel-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 776a94360230af4fe48abedaa2ec2fd61dba847001d6f935f6044a6ab9901c2e

postgresql-static-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: b4b6d8eff50c53198301ff613199a6b4558f245dbc56f6af89536b57128bcdad

postgresql-test-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: cd51f99ee91afd610126a16740d4350f3142369ccb1a234085e7422a85895bc5

postgresql-test-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 187a93e3af9fb3b62d40606b26edb052367535e100ff0de18c634d1f92a58cbb

postgresql-upgrade-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 57816d71489b217e0726ec2a0e9f03f25feab44fa022ed173604446e8bf2ff11

postgresql-upgrade-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: db2955c0b77df1b05d3d87efab1b6870d3001c96cc926879891cca6eca255c04

postgresql-upgrade-devel-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: a1160552b2bb6a5a2bc16748cf7d60c0c934b5a9bc2daa7733f43a825f9323b3

postgresql-upgrade-devel-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.x86_64.rpm

SHA-256: 552f56c2dd93638ca4d62a2cc3ab63d81217465b4b24d10d8015028b6a5815ad

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.src.rpm

SHA-256: cf5bb68a93506815947a641a4bae89bc8fc115702e717c450fc3e37a54ad3976

pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.src.rpm

SHA-256: 69d37c6427f18ed1bd6d29cb2f54e083fb125c162fcb59a687c67528a2fb08e9

postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.src.rpm

SHA-256: 1afa4d664011737a91d8efe7f3ba1f1f9bd6c8e7c510d867bbd1ff41832fe95a

postgresql-13.10-1.module+el8.7.0+18279+1ca8cf12.src.rpm

SHA-256: fd2cc44a7863e6d94be2ed0bdde701959ab8e9cb88983a81aced694f119b077f

s390x

postgresql-test-rpm-macros-13.10-1.module+el8.7.0+18279+1ca8cf12.noarch.rpm

SHA-256: a0196cdd533aeabcbaae4e7b75704af7ab4eac8a8cda43f9ba0db543c3a82de2

pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm

SHA-256: 7a60a8ed33607145d43240aaf95141da8897d2114d285dd86004c3135a18e46d

pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm

SHA-256: 60624bd5d1e587416bba26c08421a2533e0a079f6d20efb68d3df3f1acad429f

pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm

SHA-256: 03c2192b73f553d942e2555859094980194492204a3f3fd2ddde792fa77233e0

pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm

SHA-256: f9cf8209959572394a7e03b2649dec1a39fda2b6ca6296690c70ba24405cb14b

pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm

SHA-256: d77338df6ffa262a52058e53f3c4c90f652b3a62b6b8540e91d74eef7916772a

pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm

SHA-256: 4002eb3f2d7127cbeccc94cbfae75577465e98aec4e7ec78c113948fec8e1c75

postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm

SHA-256: 760e222272cb60e98b19c48ca16bc0edcea65d2373aa0d58e5cd7808b6ba4aa6

postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm

SHA-256: e7f2a7185ab0073ae411a5d6ff7b86d0980192f064c0786cada8ab80ffb589ce

postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm

SHA-256: b234ae1e6bb229ede778883dc38000f233a643a06118cb50861964dca424dff4

postgresql-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 884dcd5aacde8598df0147fe188dc6f54e94e11211f56caee725c59c6dead3b8

postgresql-contrib-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: df66b39013401ce7487984eb1a71b70de90d5621ccf69388139203feb3395b67

postgresql-contrib-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: e9c5380746653892d9a17c04e3df06a192fa78065be10a3bfc852b7f46491972

postgresql-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 05239b98e81ba4b1a5e25c45734e8a36633bf090622104b21dbe45add14365b1

postgresql-debugsource-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: b7c94cf8b56bf52bbb4b7fa94f22a8ddbd6f849a059db75d9ce6c9b7cc5c9ac1

postgresql-docs-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: a28d1a8846e8fba6008dbd1f5248955b63723bc9db46d9a6536241bf466f4526

postgresql-docs-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 25313b3b8c3284dbdb94ebda6f7f62cb0b91ac9580eb1c94e193a5bb3ee857a7

postgresql-plperl-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 343caedccb15607c57cbfff7a4e3ae11edcbb353d4f5ae252392b3a0fa9e0123

postgresql-plperl-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 8ff4118b89b38c300b453111a7d6905580f4f965ab0c2a70015b9d9fbed8ebaf

postgresql-plpython3-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: e5bc1cc3df8692b30f9b1763f5e8dfab2ecebb0bf44e371b2fe64c9b7a56adbe

postgresql-plpython3-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 39c682ca5ef20df035c0664aa4a832905be3c4dcfd189d82d7ae8480e8fb1858

postgresql-pltcl-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: a28ea5b1bae642145763eabaa799591055a61767b931c63df0abd704e231cce3

postgresql-pltcl-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: faa230c63af60cd2b16999f351110379f59ef5389388e8489be058bd9fdddb53

postgresql-server-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: dbe1f7884a73b2509ec3a36cda3fc977df09b042b9cd30cbef10e80cf9395157

postgresql-server-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 855ebb4c3582ca0bc16fa7c8d9a00b020546af940e9bba998e5fa16d285bb834

postgresql-server-devel-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 14867fcb8b4aae4b3c229f08d8b288a4c9b29b4ecf2c42f30a1c1bdb7d6f742f

postgresql-server-devel-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: f274a60f55e6e0148930ac4ac3511457a3f7c8fef3997ede39786e56a62798c2

postgresql-static-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: beb1eb7401a88f86af3309ab8c486b154d91234349078189311d0c89b26ee0ac

postgresql-test-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 97dddd7d0a5c853f27102da0a960a4af40e55b55dc809ca109b617445db53c01

postgresql-test-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 11124977d70fb14f36939b08222e7a0da07bcfac18bceada247d790186d40cd8

postgresql-upgrade-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: e511b23a8dc7639e5be56809bb9e9e4c2aefc449450dec9fad97cf52f6382054

postgresql-upgrade-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: d3f76b8d198c00bc56c2b2841c66a659b3587cb8e92dbfcf25b1f9d6577b97ec

postgresql-upgrade-devel-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 375996ada0b693c806b64f997f5daa373199a8360fa29c5e9345f180b0479978

postgresql-upgrade-devel-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.s390x.rpm

SHA-256: 81c6f468adae0869e4f7a6e04cc32b122c2745aa2f6645fe9c0fbf3957e7ca51

Red Hat Enterprise Linux for Power, little endian 8

SRPM

pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.src.rpm

SHA-256: cf5bb68a93506815947a641a4bae89bc8fc115702e717c450fc3e37a54ad3976

pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.src.rpm

SHA-256: 69d37c6427f18ed1bd6d29cb2f54e083fb125c162fcb59a687c67528a2fb08e9

postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.src.rpm

SHA-256: 1afa4d664011737a91d8efe7f3ba1f1f9bd6c8e7c510d867bbd1ff41832fe95a

postgresql-13.10-1.module+el8.7.0+18279+1ca8cf12.src.rpm

SHA-256: fd2cc44a7863e6d94be2ed0bdde701959ab8e9cb88983a81aced694f119b077f

ppc64le

postgresql-test-rpm-macros-13.10-1.module+el8.7.0+18279+1ca8cf12.noarch.rpm

SHA-256: a0196cdd533aeabcbaae4e7b75704af7ab4eac8a8cda43f9ba0db543c3a82de2

pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm

SHA-256: c47c8749586d66dcfd4962ec9569eb5998350ec9ad674928127b2c9d5b03fa96

pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm

SHA-256: 8977835b7c78038685420c61c425e4320efec1ff33e3575b028101b83cd884e7

pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm

SHA-256: eb456a74a0688a01a88c8f9f2f191d0b17b3cadf1225407495764d6ae4aade04

pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm

SHA-256: 9b26f16aba928fb478ebba330b899c4a4604e79c56253866c428ae8b60e93ed9

pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm

SHA-256: ec5bcbd6843e2525540ca758b317a568bb874c6cb01e6af84a3fe8c5de8129ec

pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm

SHA-256: 60786a39e82e43fbad96a9b9d23d6f0ee27fb3ae0260a6fcb26de8b1441cc963

postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm

SHA-256: ebc43f633c563a8acbc32322a3a37038f3df4b864c4c155e988317f3abb02157

postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm

SHA-256: 20a30321f5e2038ee6fa266037ad6e893e05460e449e5fa7a0dbce2fafff6e70

postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm

SHA-256: 4468efa7f4edb7c037ae996285e9db41fba5a6417f0e762749e6b8d20e7faf3e

postgresql-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 058db021d88a02fd4201f575c94935b384b5c4834ecf837b15c49e2615456eaa

postgresql-contrib-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 51e3b02771ec6b029dadea267217604c3fd5c104907dfb29a65376784d8ff348

postgresql-contrib-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 1b898ac061ba741b648cef5b72a99acf3c978f617a275b7a712b56a023fa458a

postgresql-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: ddd48bd7e7a5c647a7039e68117fce4bc48a17eb757ee812034eb82218801bac

postgresql-debugsource-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 258c2a9731c1643c180372fba23797eb693c0c30e21124f0b3ad38fe89cbb9a3

postgresql-docs-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 26655c705e31f5b348c2e2f51f0cb1ff063cd17cda959a5f00e904355db8694a

postgresql-docs-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 3f6c19a377094c341981198a12942d0878cfbd0dfa1ce922769d4ab966ecfab8

postgresql-plperl-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 9762345863c1e3a4012ff21166b206be4a7f83cf64cd126b4a4f3bf699b349f4

postgresql-plperl-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 695628c50ddc246db6046d73013fe589caa30dfdc9d467c5e73f846c5781c2bc

postgresql-plpython3-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: cfde906d016641a5a8cc814d254e7de061032b96d152f61a1571370939162717

postgresql-plpython3-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 32820a481877132e5dd3c3567593cf59c13d4de7934d44d424885cba04fad14a

postgresql-pltcl-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: a43a88f9b6e874fd5c09e512714228ec1e64c8aa876b7f63140e035ae8d7d216

postgresql-pltcl-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 2c9973b7aafdb78f91473796c94ed177c6442cf0b1a963354a2185aca0105f00

postgresql-server-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 6c8b400d47b720012adf1a9a8b8f1b598309f31a724966fc4e64c89e503cbdfc

postgresql-server-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: b7bce6b7c55633305f5666d41ad29254953c8ea86c94e41cebfde2533493617f

postgresql-server-devel-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: fef24bcefb0b93a03f4ef44ec18cffb626cf4a357f7c9baefe3d938a9c127490

postgresql-server-devel-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 3718c73e73d0f2277354872fa5d9358c85f9b66c7806c31f76b35ecaa2c8ed61

postgresql-static-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 0f9bfbe301dab1e1b79e6b4c92ecac88a343ad51053393672c50be74baca47a5

postgresql-test-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: f9a4b7b3c28a31c3a46cd198603a6f0bf739c05fa38569619c8a0ce786ee9f03

postgresql-test-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: cbdef96b42dd4349d2d8fa34664a8fc2a1f0bc6721e3af8c90c485a3693e4dfa

postgresql-upgrade-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: 9bbac1699e313aaf6d0efea81599633cadcf4047460e851098509d5b8e666775

postgresql-upgrade-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: d47e302ab204b7865ab36bfebb920b33525b6a3da35b3c09aaaaa70af69525cb

postgresql-upgrade-devel-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: ce3e27706e62305760fcfefaffefbc120812a04def6c7bb4b8ed260fa23eb7f5

postgresql-upgrade-devel-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.ppc64le.rpm

SHA-256: a244575e2f26ed8e86f07c5fdcde2c88d0afcec54c5fc0d5b6368c0fb398df13

Red Hat Enterprise Linux for ARM 64 8

SRPM

pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.src.rpm

SHA-256: cf5bb68a93506815947a641a4bae89bc8fc115702e717c450fc3e37a54ad3976

pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.src.rpm

SHA-256: 69d37c6427f18ed1bd6d29cb2f54e083fb125c162fcb59a687c67528a2fb08e9

postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.src.rpm

SHA-256: 1afa4d664011737a91d8efe7f3ba1f1f9bd6c8e7c510d867bbd1ff41832fe95a

postgresql-13.10-1.module+el8.7.0+18279+1ca8cf12.src.rpm

SHA-256: fd2cc44a7863e6d94be2ed0bdde701959ab8e9cb88983a81aced694f119b077f

aarch64

pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm

SHA-256: d99a475a7b2d480cf0eed7edb22605138df7c08488b078ff14ed4eb6fbafa4b9

pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm

SHA-256: 400f4c749664e4598b1a59e2332908e945722ce8e9d20920e556dcb583929adb

pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm

SHA-256: 416a853a0cb4312bef48c911f4aa3c8ede9670c93787e30966fb137d99e7b6a7

pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm

SHA-256: 103aa3a6b510ad8e6245cf480e822813fbbad09c6e9605b8dadada683dfc5d81

pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm

SHA-256: 6927582959b55ae72af8cbcd1cbb4e4b87d0af6afeb674130d22e4012b81430f

pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm

SHA-256: c421803cce4119a2c933ecb3695bc3610197e99da86ed7ebafc0ae5cc4798ea4

postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm

SHA-256: ada397cf543fdd49e00066e8fd41e7a53fbd7222ceb2e8a1ad9895b40dc991f7

postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm

SHA-256: ffd0fc163297a18775abf4cfca0c60eff7f1c22a9a560a099d1249a9487eeab8

postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm

SHA-256: fc532f6695c1f697afb3423500eecc2da90a8653f422fd7df258b471b99df3ec

postgresql-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 898029a0574894a968f116c648a49c82a6ffd532a666d6052d115935dd817d90

postgresql-contrib-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 0cf84395d735fb8d8fced9d62f3cf968d9a2e120b07570c13db53e536e5d187f

postgresql-contrib-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: c702fd5113a5878428327fcc86118793ce762f35e936592ff2b871816da8f0a6

postgresql-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: a085802437b6e8c5e7ad078c11d2aeb3e2bece7733c8222db9edae2d155ea2ea

postgresql-debugsource-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: aa35d582ff77e3bc433742c92af6342c6517e607667045b479345cc9c62cffed

postgresql-docs-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: ccf44d25fd29320b7ae9aea891b10ebbbd79601282cca6a82d7bd659ffc2fd22

postgresql-docs-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: cd5bbe35144a9ee3a37bc81f1505dfa8d4557a083c464ed26e3be7c10e2e4d51

postgresql-plperl-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 8d9c03e64207aa2d7e33b8d5573ed47800989c6ed3c7f8c525f11c79909d4e2b

postgresql-plperl-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 7681803614a70fcf9f862bbb98d6353cada7d1f634f59a5ab9ddaabde89335d6

postgresql-plpython3-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 9bc4a6868f1aae9ae692dd1c3b98c8931ebad78aa8a0f750f8781fd696f4874b

postgresql-plpython3-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 7932a5f4d62dfe31baeb31f3fcdf2f9c0d5d46d443a79f91387d10dd52912695

postgresql-pltcl-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 49bbf12f8f19ff3a09f4ba079a6f05143dcb33ab18b6b4f3c47f76350e13af88

postgresql-pltcl-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 94b85aad07247cc114b3e35e84d54b9bc29ce1ba14f0144cf68957308995eb92

postgresql-server-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: b6463aaabe2bf489c974043f72decb7b12932810dbebf587afec8f2b325941c6

postgresql-server-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 5a9e24465f0c9a4d6082020f7e996c4c21a43dcd0a65565fc9bb7f5516687d00

postgresql-server-devel-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: d84d3a61acdc40680e89179721d0481692749cdbe6c21a1916358ac0e1ef6cbc

postgresql-server-devel-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 15b825f93fff4268d495686e17fd553c5a8025d8718567842627f1086aea79bc

postgresql-static-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: dc7fffbfc9fee590f1d5fb3aff3530196a783403da3cc30e924ccfcd17ac471c

postgresql-test-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: d1fa9e6cbff12c2e906ae7b45b51688e5ba7c676f5933391db5982c807434bd6

postgresql-test-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 00cd00dc4657ae8bb2eab3640cc237a96c650f1d04efab8bb5b71877caa0de4a

postgresql-test-rpm-macros-13.10-1.module+el8.7.0+18279+1ca8cf12.noarch.rpm

SHA-256: a0196cdd533aeabcbaae4e7b75704af7ab4eac8a8cda43f9ba0db543c3a82de2

postgresql-upgrade-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 551a0deba96c31f2765b6f97602c694dbae16dac43f8a5b660df03680bb25625

postgresql-upgrade-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 08a47987b8665e8bc513278c405a9b0478c4f98f30cc22be275ab4cfbbb07eb6

postgresql-upgrade-devel-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 6b30da9779477144b6878aea9ad327485f755233a1fc00a0e004bd4795eaccfb

postgresql-upgrade-devel-debuginfo-13.10-1.module+el8.7.0+18279+1ca8cf12.aarch64.rpm

SHA-256: 5f3479a34b87edde80d9c4e2213ed31de14ef00ac7604ed4695bfa64a178955b

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Red Hat Security Advisory 2023-7695-03

Red Hat Security Advisory 2023-7695-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7694-03

Red Hat Security Advisory 2023-7694-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7667-03

Red Hat Security Advisory 2023-7667-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7666-03

Red Hat Security Advisory 2023-7666-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7580-01

Red Hat Security Advisory 2023-7580-01 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7545-01

Red Hat Security Advisory 2023-7545-01 - An update for postgresql is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-4535-01

Red Hat Security Advisory 2023-4535-01 - PostgreSQL is an advanced object-relational database management system.

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

RHSA-2023:1693: Red Hat Security Advisory: postgresql security update

An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT ...

CVE-2022-41862: Client memory disclosure when connecting, with Kerberos, to modified server

In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.

Ubuntu Security Notice USN-5906-1

Ubuntu Security Notice 5906-1 - Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information.

CVE-2022-46756: DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

Red Hat Security Advisory 2023-0160-01

Red Hat Security Advisory 2023-0160-01 - PostgreSQL is an advanced object-relational database management system.

Red Hat Security Advisory 2023-0113-01

Red Hat Security Advisory 2023-0113-01 - PostgreSQL is an advanced object-relational database management system.

RHSA-2023:0160: Red Hat Security Advisory: rh-postgresql10-postgresql security and bug fix update

An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: postgresql: Extension scripts replace objects not belonging to the extension.

RHSA-2023:0113: Red Hat Security Advisory: postgresql:10 security update

An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: postgresql: Extension scripts replace objects not belonging to the extension.

Gentoo Linux Security Advisory 202211-04

Gentoo Linux Security Advisory 202211-4 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in remote code execution. Versions greater than or equal to 10.22:10 are affected.

RHSA-2022:7128: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: postgresql: Extension scripts replace objects not belonging to the extension.

Ubuntu Security Notice USN-5571-1

Ubuntu Security Notice 5571-1 - Sven Klemm discovered that PostgreSQL incorrectly handled extensions. An attacker could possibly use this issue to execute arbitrary code when extensions are created or updated.

CVE-2022-2625: Invalid Bug ID

A vulnerability found in postgresql. On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions.

CVE-2020-25695: PostgreSQL: Security Information

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data