Headline
RHSA-2023:1693: Red Hat Security Advisory: postgresql security update
An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
- CVE-2022-41862: A flaw was found In PostgreSQL. A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions, a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
Synopsis
Moderate: postgresql security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for postgresql is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
PostgreSQL is an advanced object-relational database management system (DBMS).
Security Fix(es):
- postgresql: Extension scripts replace objects not belonging to the extension. (CVE-2022-2625)
- postgresql: Client memory disclosure when connecting with Kerberos to modified server (CVE-2022-41862)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
If the postgresql service is running, it will be automatically restarted after installing this update.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
Fixes
- BZ - 2113825 - CVE-2022-2625 postgresql: Extension scripts replace objects not belonging to the extension.
- BZ - 2165722 - CVE-2022-41862 postgresql: Client memory disclosure when connecting with Kerberos to modified server
Red Hat Enterprise Linux for x86_64 9
SRPM
postgresql-13.10-1.el9_1.src.rpm
SHA-256: e0d6810effdd178667d7590f339b6cf7965d8d5100a8866b61d46b4e0d6c0fd1
x86_64
postgresql-13.10-1.el9_1.x86_64.rpm
SHA-256: 468ad28d2c54e7621c418044c7f235f5b3b2e5871c45d595d10023a1b6d6e098
postgresql-contrib-13.10-1.el9_1.x86_64.rpm
SHA-256: a3f21cbf8489cddac02443e523a146ae56e4be7b5165fd208007d8db77cb396e
postgresql-contrib-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 7d9b86745ef1ea50d7cfe96e9f3d0553c37d67e68c2063c1aee3ecadef2e98a2
postgresql-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 0ad4e5218540cb460e8b57f1792d65c21db03694392ef726ef66b75254b8e1ce
postgresql-debugsource-13.10-1.el9_1.x86_64.rpm
SHA-256: f7585886b13ba53255ce92560e591353408139662db72ba180cb1e3ab7845425
postgresql-docs-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 6a92c811313bd7bd0957401c46fe238f062612e54350a0c66204930291919357
postgresql-plperl-13.10-1.el9_1.x86_64.rpm
SHA-256: a56952ebf08cb4d098a37a9aeb1b5438422b90f81ff4782138fd234a903892c8
postgresql-plperl-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: bffe0991936350d141262de63a43fe99d26de9fc255d08125e431e4de2dc35be
postgresql-plpython3-13.10-1.el9_1.x86_64.rpm
SHA-256: 64f45b3824813282707d610d3592bb98d13baba5f0415a9867cc7f94227d3458
postgresql-plpython3-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 5890a9180c32117d0ea65ab7defd18746d704e233ca045a4ee89b105234b0b4e
postgresql-pltcl-13.10-1.el9_1.x86_64.rpm
SHA-256: 2806022f2bb835d19c8017f159fa8988d344ad2e8121a03dae4449383df6f860
postgresql-pltcl-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 9c8897c8fa190604cbcad2b0ac2e8e8a525c5b455c714146d1603c4f86aaf7a3
postgresql-private-libs-13.10-1.el9_1.x86_64.rpm
SHA-256: b06bf4bb294d42a38e8300da6628fbe0dff251de617d882b468cb0789fcf8a38
postgresql-private-libs-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 488349af91e143fa37a541f999b4165267d7b9965a05f900899e541adffde56f
postgresql-server-13.10-1.el9_1.x86_64.rpm
SHA-256: f135e05d58d3458b3332fe788783fcf2fb1115bb9fdfe70461bec05a43162fde
postgresql-server-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 01a07971abfed686a56d367602636d505cc9421a7b843719625233204bdfb20e
postgresql-server-devel-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 35867e3a0127cc7f6153e0d492f5dd19d65838bbe2b7c636994ed1ae000de43b
postgresql-test-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 1c83feac7c9d3e9731da11b9440227b23efceed2aa39be14aba29ddf1ea55750
postgresql-upgrade-13.10-1.el9_1.x86_64.rpm
SHA-256: 9e122173b01d2d32eae6a2022d850afeaecbe77d9f17777b72d3be7826a29d1a
postgresql-upgrade-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: a5b61dd4bfc6f74a9274f1bcf2c5c5ffe34a505ed3e5fbb3c7b17b53713de285
postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 83c682e027124ddac248107e8f9326e090bc7e7918f741733d7224dea5c67030
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
postgresql-13.10-1.el9_1.src.rpm
SHA-256: e0d6810effdd178667d7590f339b6cf7965d8d5100a8866b61d46b4e0d6c0fd1
s390x
postgresql-13.10-1.el9_1.s390x.rpm
SHA-256: 44c51c385c7d0287d608514b194c8a27553e5d127a19bdcf728c137fc8190eaa
postgresql-contrib-13.10-1.el9_1.s390x.rpm
SHA-256: 8ca8ebe80497404a5b463035b8a4ebeac802fe15b9d3d3d8467c3cba9e5053b1
postgresql-contrib-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: e02373b0077f4f7d8b0c0a7e82cf9cf5fd02ba98d23d73979e758e63075f8e0c
postgresql-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: c2fc25f81fdfd31b5f1e3b40b59bc9cc89541fc58fb221250e0358d45564059a
postgresql-debugsource-13.10-1.el9_1.s390x.rpm
SHA-256: 1ca3f9fb4966835963206336f84c83507ef626f9dfadc63eccda9d97a61bda5f
postgresql-docs-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 736f36581551d9805b5439d7b05eba83be519eb599690beb10f5a66e4e4237ac
postgresql-plperl-13.10-1.el9_1.s390x.rpm
SHA-256: c442e66d03409ef33444c07baf6e04b436cce304f1741c2f1d188f3b59a23a46
postgresql-plperl-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: c6693d175697481cf47516743f8c812fdefb1d5941438eedb5986dacec8b9bab
postgresql-plpython3-13.10-1.el9_1.s390x.rpm
SHA-256: 8684a90ea978bd701bc1292d6e908614858849d6dac9ec8dc4bc112b9b7a95cf
postgresql-plpython3-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 44b280523506e65355608f1d85ed50e0bee4f9c1ba10aedba55f1813195ee502
postgresql-pltcl-13.10-1.el9_1.s390x.rpm
SHA-256: 89d4935853c75c74b30afc72f540dd2abc2c187b6589466286dbe7c102861601
postgresql-pltcl-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 2843b136f0f1cd9dd194a7d26419a5d518364c4afe94b2283e357b9964007c61
postgresql-private-libs-13.10-1.el9_1.s390x.rpm
SHA-256: 03f5f323bec730f27395ccffe90559b0307919de51f00ce5d0c839a8619c70f3
postgresql-private-libs-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 61e3d372feb1f7f8770851583e3b5f5e68c6714c41e16b3844aa340826a10568
postgresql-server-13.10-1.el9_1.s390x.rpm
SHA-256: bd5ea6e4c8af013b06d31ec07ef8ca778c6d260a14dadc867fab966be6b30b15
postgresql-server-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: deefd6f36e03b89e3a2768c00112b5b26835436e8bdb211dbd336c872bb33870
postgresql-server-devel-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 7c63bd33c8c32efca806857d17b883ea2b628165d3a9c91ec593fb298ab4126f
postgresql-test-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: ab5a07539c9b379c65c2617ef594b96c3f015c2e4bfbf3b65a324c1a0cc7f357
postgresql-upgrade-13.10-1.el9_1.s390x.rpm
SHA-256: e64642540df091694c9e4df9d6549ba6bf77d4c7d6284e6e8b863eea9b1504c5
postgresql-upgrade-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 277b6fb3ce1ac88379867581f9f8b8c7a39dc9e182ca1cdba4d62b315755b1db
postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: e296afc7c9c9e0e7644d753588175f6d8638522d50f6ce249da7f35758b9ad98
Red Hat Enterprise Linux for Power, little endian 9
SRPM
postgresql-13.10-1.el9_1.src.rpm
SHA-256: e0d6810effdd178667d7590f339b6cf7965d8d5100a8866b61d46b4e0d6c0fd1
ppc64le
postgresql-13.10-1.el9_1.ppc64le.rpm
SHA-256: c4cf8e18575a00e7a918829e035aa81be595af87888e9bced9449e1064308522
postgresql-contrib-13.10-1.el9_1.ppc64le.rpm
SHA-256: 617a54bd1b0a4d53c6bb9c1d139ed422143dbd63ba911f3565183a4e9aafcab5
postgresql-contrib-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: cdd64ecb59262e7d358a416dbf216b8c92a0da1dfa4b65f00ecb494d1ef950c8
postgresql-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 4b501891508a1823cf8fc28f04257d35e13533ba76b1dd959e8f1cf8fd00bf25
postgresql-debugsource-13.10-1.el9_1.ppc64le.rpm
SHA-256: 21cdb022b72fda7f8d99678db4d570f0140f77cd00bba6a7bc9f255c351e54ab
postgresql-docs-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 7f9b1ac2f4f000e74ea57f66a5a586b632a9cc304a768cd8e935832212659f33
postgresql-plperl-13.10-1.el9_1.ppc64le.rpm
SHA-256: fc4747d2b7a8d494e58c71780e30df74eab26374e6b9857b3bd078a51a1bfaa8
postgresql-plperl-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 22944248113996d692d33a1de3266faeca83f70bdf88d19ffc60a3aa594ebb38
postgresql-plpython3-13.10-1.el9_1.ppc64le.rpm
SHA-256: 807b2470000d8b08391aba54a7c2ae35eda20d5fd9e7d87d6d65e3102844a585
postgresql-plpython3-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 6fb61c9b8d6367468c6fa19770b1888883cf9597a85ebd3c3bea7bd3a77747e0
postgresql-pltcl-13.10-1.el9_1.ppc64le.rpm
SHA-256: 5db6a8aea2c35eaecac0d0d913e0e1360299f3fa12bdf60eb429cab876b64085
postgresql-pltcl-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 608990e33d441fac1a5d544c6fd83f0da8d9018555ef762be7703da3c4828047
postgresql-private-libs-13.10-1.el9_1.ppc64le.rpm
SHA-256: 33d782603e297b8f19e3e541bd8eae6ce16aa813a5f6401ac648f6ab9d35d39f
postgresql-private-libs-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 9aefae518a25a9d3eb14f779d910f79f7364403e6ace66819cc359fd8247269e
postgresql-server-13.10-1.el9_1.ppc64le.rpm
SHA-256: aed37c428e784f889f0ec41482754a5e58f5cfb40c390bbb9e23a69e0ac7959e
postgresql-server-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 34b918542add765c800f2537ab4d49faeea61f52f90add7437ce360acfa26f8a
postgresql-server-devel-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 9aca130fe4d050e2142047afd67a0d88fe67afcbdd869c92fcd72a2755983970
postgresql-test-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 4ad08189c6368c0e0e3ee7af1c1db9cfbf63de688a097ae3dd1e5e5baec8a051
postgresql-upgrade-13.10-1.el9_1.ppc64le.rpm
SHA-256: c634dc473494ca887ef91c7ba0e0303586860eb629b983b852d52b3b3ee093c4
postgresql-upgrade-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: b4ad58c8ceff62dfecafa540a33222d70e505ca4ee32988dd21bde316c44981a
postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 104445d0ec95b467d0206ee857b0960619419c2b702545f951aaa0751a8d57ba
Red Hat Enterprise Linux for ARM 64 9
SRPM
postgresql-13.10-1.el9_1.src.rpm
SHA-256: e0d6810effdd178667d7590f339b6cf7965d8d5100a8866b61d46b4e0d6c0fd1
aarch64
postgresql-13.10-1.el9_1.aarch64.rpm
SHA-256: 434cd1fe6a9fb2bd3e41db4347cbc3ce2fe05f3e2a1282a045140cdd9bf57f9c
postgresql-contrib-13.10-1.el9_1.aarch64.rpm
SHA-256: 4cfe77c90c7673b92ec095211f8101cbd1a2e15d28f2271521008b8655ed8bd1
postgresql-contrib-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: f727fe7bebe65291ec7ef12ebe14816d9ca131a50d4fd14f8b00fa731f1ba746
postgresql-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: f798a4c92d12ba4e62b5fd40328d09c0b344be4cf38fa69ac258804483881a39
postgresql-debugsource-13.10-1.el9_1.aarch64.rpm
SHA-256: eeb7866866301a9267b5d3a9a1f80f89b436f74f0d9e7c6efe491519a7f1e8c2
postgresql-docs-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 925fdb44f0ef38b7570c7d06f037e42391210080730d0575568e437082824ac4
postgresql-plperl-13.10-1.el9_1.aarch64.rpm
SHA-256: 82321a1246a8a893ec0ba42364ec15f2268a0d5bb68020602b0ead8bd87f2952
postgresql-plperl-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: ef58728e1b385a33bdcaa3dd570385b2591038aedc68e65a8fe7c69accd82d4c
postgresql-plpython3-13.10-1.el9_1.aarch64.rpm
SHA-256: 6d8ae6b46473ea8aaaa53dc91aac1a9f85dc076aa158d0257eff5ad4ad623d31
postgresql-plpython3-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: cdc3e30a6dd03e83552863d3325feae96bb26f6c64b8384dfeb3d091a3d7fe2d
postgresql-pltcl-13.10-1.el9_1.aarch64.rpm
SHA-256: 22afc09261ea1f7bf4f42bf2ca745b7646c9c2d4ac5fae36444f56a3002499ed
postgresql-pltcl-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 16e42197390b13a0d03a5529a77e96a74f1c7c1b2287ced3b66dd547cbb32603
postgresql-private-libs-13.10-1.el9_1.aarch64.rpm
SHA-256: 32bd67b0f5e6dd898e8316803aa3072395e21350f358c4470794526ce1921790
postgresql-private-libs-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 613bb6d1e89bc7a495134ccfb4fb77ff74d42d49b3221e22d60ad3c271fd9623
postgresql-server-13.10-1.el9_1.aarch64.rpm
SHA-256: 91b7b3b6ebb7ab57cf2b5dd3b39c914869508548aa43b7006706d5a43ae0d68e
postgresql-server-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 22ef884a2557d26e0ee6d524ffac4346d3e67608879379420d6b369d07ae2743
postgresql-server-devel-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 95576347a9eae07a252949c210a8ed4141c22ae7dce158090b8f8c8a7337558a
postgresql-test-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: b3fb683513885f5d97f601466d1cf631ca506e2318aa8ae1f6af62cf1e4a673a
postgresql-upgrade-13.10-1.el9_1.aarch64.rpm
SHA-256: ba3f6ab2730088e2dc14e2798714fa9284bc788a7174a68abaf9be371091291d
postgresql-upgrade-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 2ed5c60583722c11d5509fd115d72debc4e20d39fc3f0b57f28436cc12956973
postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 228c325f908e976a1b36937749521d7bcd75d915da1607203e5d8b968f549805
Red Hat CodeReady Linux Builder for x86_64 9
SRPM
x86_64
postgresql-contrib-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 7d9b86745ef1ea50d7cfe96e9f3d0553c37d67e68c2063c1aee3ecadef2e98a2
postgresql-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 0ad4e5218540cb460e8b57f1792d65c21db03694392ef726ef66b75254b8e1ce
postgresql-debugsource-13.10-1.el9_1.x86_64.rpm
SHA-256: f7585886b13ba53255ce92560e591353408139662db72ba180cb1e3ab7845425
postgresql-docs-13.10-1.el9_1.x86_64.rpm
SHA-256: f3192a0d77ed56598995a91811d91876c52c4c70a58521b7870439a4cce648f6
postgresql-docs-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 6a92c811313bd7bd0957401c46fe238f062612e54350a0c66204930291919357
postgresql-plperl-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: bffe0991936350d141262de63a43fe99d26de9fc255d08125e431e4de2dc35be
postgresql-plpython3-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 5890a9180c32117d0ea65ab7defd18746d704e233ca045a4ee89b105234b0b4e
postgresql-pltcl-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 9c8897c8fa190604cbcad2b0ac2e8e8a525c5b455c714146d1603c4f86aaf7a3
postgresql-private-devel-13.10-1.el9_1.x86_64.rpm
SHA-256: 7bfee86e5eed47f63bdd1db2e7c74b4def24b55c3b88a1ddd7eccb540fc01bd5
postgresql-private-libs-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 488349af91e143fa37a541f999b4165267d7b9965a05f900899e541adffde56f
postgresql-server-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 01a07971abfed686a56d367602636d505cc9421a7b843719625233204bdfb20e
postgresql-server-devel-13.10-1.el9_1.x86_64.rpm
SHA-256: 7a524bf4bc8e4a33b40e76df9ceb5b3c7a0c95c0e279128b2ea0408d20a1d867
postgresql-server-devel-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 35867e3a0127cc7f6153e0d492f5dd19d65838bbe2b7c636994ed1ae000de43b
postgresql-static-13.10-1.el9_1.x86_64.rpm
SHA-256: b8e1e6c09d8148c68268e07b25ffeb3093dacfdda5f325520571798f3c884da5
postgresql-test-13.10-1.el9_1.x86_64.rpm
SHA-256: 273447016572db8dcff5df00ecc046fd4aa950da651ad5aaa6c837fcdd4b34be
postgresql-test-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 1c83feac7c9d3e9731da11b9440227b23efceed2aa39be14aba29ddf1ea55750
postgresql-upgrade-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: a5b61dd4bfc6f74a9274f1bcf2c5c5ffe34a505ed3e5fbb3c7b17b53713de285
postgresql-upgrade-devel-13.10-1.el9_1.x86_64.rpm
SHA-256: 559cb84a77b021a61a299e20e90c7b0651177e271d3894e9b8ad515cedb5ef8c
postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.x86_64.rpm
SHA-256: 83c682e027124ddac248107e8f9326e090bc7e7918f741733d7224dea5c67030
Red Hat CodeReady Linux Builder for Power, little endian 9
SRPM
ppc64le
postgresql-contrib-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: cdd64ecb59262e7d358a416dbf216b8c92a0da1dfa4b65f00ecb494d1ef950c8
postgresql-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 4b501891508a1823cf8fc28f04257d35e13533ba76b1dd959e8f1cf8fd00bf25
postgresql-debugsource-13.10-1.el9_1.ppc64le.rpm
SHA-256: 21cdb022b72fda7f8d99678db4d570f0140f77cd00bba6a7bc9f255c351e54ab
postgresql-docs-13.10-1.el9_1.ppc64le.rpm
SHA-256: 801be8c32b5d904b5e0545e7e90be94d58503b9d2d22d3e18d6a1cb83c7dd059
postgresql-docs-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 7f9b1ac2f4f000e74ea57f66a5a586b632a9cc304a768cd8e935832212659f33
postgresql-plperl-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 22944248113996d692d33a1de3266faeca83f70bdf88d19ffc60a3aa594ebb38
postgresql-plpython3-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 6fb61c9b8d6367468c6fa19770b1888883cf9597a85ebd3c3bea7bd3a77747e0
postgresql-pltcl-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 608990e33d441fac1a5d544c6fd83f0da8d9018555ef762be7703da3c4828047
postgresql-private-devel-13.10-1.el9_1.ppc64le.rpm
SHA-256: d130f8376128e11d0483bf91a9714538f90bb677943ec5ad8b3d34c4c11f193e
postgresql-private-libs-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 9aefae518a25a9d3eb14f779d910f79f7364403e6ace66819cc359fd8247269e
postgresql-server-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 34b918542add765c800f2537ab4d49faeea61f52f90add7437ce360acfa26f8a
postgresql-server-devel-13.10-1.el9_1.ppc64le.rpm
SHA-256: 67f5573699637f9179c6d96154c0e99ff3581348b1223c70816ce0eae9fd060e
postgresql-server-devel-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 9aca130fe4d050e2142047afd67a0d88fe67afcbdd869c92fcd72a2755983970
postgresql-static-13.10-1.el9_1.ppc64le.rpm
SHA-256: 66b2b4204994c6f6f5349b8c34dd3eae3c18afc1186f334c3ed509aafd1d8a35
postgresql-test-13.10-1.el9_1.ppc64le.rpm
SHA-256: 7a40aacf3ca924902235989555e823f062b2246c97e5352de1646a6fec918189
postgresql-test-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 4ad08189c6368c0e0e3ee7af1c1db9cfbf63de688a097ae3dd1e5e5baec8a051
postgresql-upgrade-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: b4ad58c8ceff62dfecafa540a33222d70e505ca4ee32988dd21bde316c44981a
postgresql-upgrade-devel-13.10-1.el9_1.ppc64le.rpm
SHA-256: 04f859aedb5eab53829161903a971469792671254ff46c6da697c881e1d5d98c
postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.ppc64le.rpm
SHA-256: 104445d0ec95b467d0206ee857b0960619419c2b702545f951aaa0751a8d57ba
Red Hat CodeReady Linux Builder for ARM 64 9
SRPM
aarch64
postgresql-contrib-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: f727fe7bebe65291ec7ef12ebe14816d9ca131a50d4fd14f8b00fa731f1ba746
postgresql-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: f798a4c92d12ba4e62b5fd40328d09c0b344be4cf38fa69ac258804483881a39
postgresql-debugsource-13.10-1.el9_1.aarch64.rpm
SHA-256: eeb7866866301a9267b5d3a9a1f80f89b436f74f0d9e7c6efe491519a7f1e8c2
postgresql-docs-13.10-1.el9_1.aarch64.rpm
SHA-256: 4b0b13a2548afe14960f29573c639e98a0ef1cf675e02319777ebbbcaaddf87c
postgresql-docs-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 925fdb44f0ef38b7570c7d06f037e42391210080730d0575568e437082824ac4
postgresql-plperl-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: ef58728e1b385a33bdcaa3dd570385b2591038aedc68e65a8fe7c69accd82d4c
postgresql-plpython3-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: cdc3e30a6dd03e83552863d3325feae96bb26f6c64b8384dfeb3d091a3d7fe2d
postgresql-pltcl-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 16e42197390b13a0d03a5529a77e96a74f1c7c1b2287ced3b66dd547cbb32603
postgresql-private-devel-13.10-1.el9_1.aarch64.rpm
SHA-256: 826cb459e8d5f5954ce4ef84bad9498ec20def8e991bf21143f6011aa5a90899
postgresql-private-libs-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 613bb6d1e89bc7a495134ccfb4fb77ff74d42d49b3221e22d60ad3c271fd9623
postgresql-server-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 22ef884a2557d26e0ee6d524ffac4346d3e67608879379420d6b369d07ae2743
postgresql-server-devel-13.10-1.el9_1.aarch64.rpm
SHA-256: 12598029de63a14a3e9f08601f17eb327409c48e9ac1a0683767e779b633f14a
postgresql-server-devel-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 95576347a9eae07a252949c210a8ed4141c22ae7dce158090b8f8c8a7337558a
postgresql-static-13.10-1.el9_1.aarch64.rpm
SHA-256: f378cb98b2071c40a9657fe65683416b280b34efc65bd777fcfb38d69eb60d8e
postgresql-test-13.10-1.el9_1.aarch64.rpm
SHA-256: ebac50064054e1642b6449f06831ec195e236c692814b35d6c15c13faaced022
postgresql-test-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: b3fb683513885f5d97f601466d1cf631ca506e2318aa8ae1f6af62cf1e4a673a
postgresql-upgrade-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 2ed5c60583722c11d5509fd115d72debc4e20d39fc3f0b57f28436cc12956973
postgresql-upgrade-devel-13.10-1.el9_1.aarch64.rpm
SHA-256: 66ac719dea2d4c74c7887c24b605f6e3eaafda54e8f68c99bf197e204309d802
postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.aarch64.rpm
SHA-256: 228c325f908e976a1b36937749521d7bcd75d915da1607203e5d8b968f549805
Red Hat CodeReady Linux Builder for IBM z Systems 9
SRPM
s390x
postgresql-contrib-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: e02373b0077f4f7d8b0c0a7e82cf9cf5fd02ba98d23d73979e758e63075f8e0c
postgresql-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: c2fc25f81fdfd31b5f1e3b40b59bc9cc89541fc58fb221250e0358d45564059a
postgresql-debugsource-13.10-1.el9_1.s390x.rpm
SHA-256: 1ca3f9fb4966835963206336f84c83507ef626f9dfadc63eccda9d97a61bda5f
postgresql-docs-13.10-1.el9_1.s390x.rpm
SHA-256: f1af0d708bf62474d3b7f1fdb54335e64b11201d5d546c14c0fa72217038dc02
postgresql-docs-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 736f36581551d9805b5439d7b05eba83be519eb599690beb10f5a66e4e4237ac
postgresql-plperl-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: c6693d175697481cf47516743f8c812fdefb1d5941438eedb5986dacec8b9bab
postgresql-plpython3-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 44b280523506e65355608f1d85ed50e0bee4f9c1ba10aedba55f1813195ee502
postgresql-pltcl-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 2843b136f0f1cd9dd194a7d26419a5d518364c4afe94b2283e357b9964007c61
postgresql-private-devel-13.10-1.el9_1.s390x.rpm
SHA-256: 41b471c8e80e5cd9a2c840579c31c54978b6ae706fad64877cea60c3e10f6401
postgresql-private-libs-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 61e3d372feb1f7f8770851583e3b5f5e68c6714c41e16b3844aa340826a10568
postgresql-server-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: deefd6f36e03b89e3a2768c00112b5b26835436e8bdb211dbd336c872bb33870
postgresql-server-devel-13.10-1.el9_1.s390x.rpm
SHA-256: 6b0f765b1591ee52ef61377fe45deb443b07f547f89d86f01d09cbc85dd9fb48
postgresql-server-devel-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 7c63bd33c8c32efca806857d17b883ea2b628165d3a9c91ec593fb298ab4126f
postgresql-static-13.10-1.el9_1.s390x.rpm
SHA-256: e25348ee18495a01f01fea4d03dc425e1e2078f435f4cb3d70e2b45415ef7358
postgresql-test-13.10-1.el9_1.s390x.rpm
SHA-256: 04202df2904f35d2e205623f499d94c8cf8cdf2d7f2fa73cfbb5beda62f8a0dd
postgresql-test-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: ab5a07539c9b379c65c2617ef594b96c3f015c2e4bfbf3b65a324c1a0cc7f357
postgresql-upgrade-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: 277b6fb3ce1ac88379867581f9f8b8c7a39dc9e182ca1cdba4d62b315755b1db
postgresql-upgrade-devel-13.10-1.el9_1.s390x.rpm
SHA-256: 915b2fb5361a7f7a5068264660d0f17351df8909c1aa26fa393912dcefe87449
postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.s390x.rpm
SHA-256: e296afc7c9c9e0e7644d753588175f6d8638522d50f6ce249da7f35758b9ad98
Related news
Red Hat Security Advisory 2023-7695-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7694-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7667-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7580-01 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-7545-01 - An update for postgresql is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
Red Hat Security Advisory 2023-4535-01 - PostgreSQL is an advanced object-relational database management system.
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or ...
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or ...
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
Ubuntu Security Notice 5906-1 - Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information.
Red Hat Security Advisory 2023-0160-01 - PostgreSQL is an advanced object-relational database management system.
Red Hat Security Advisory 2023-0113-01 - PostgreSQL is an advanced object-relational database management system.
An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: postgresql: Extension scripts replace objects not belonging to the extension.
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: postgresql: Extension scripts replace objects not belonging to the extension.
Gentoo Linux Security Advisory 202211-4 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in remote code execution. Versions greater than or equal to 10.22:10 are affected.
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: postgresql: Extension scripts replace objects not belonging to the extension.
Ubuntu Security Notice 5571-1 - Sven Klemm discovered that PostgreSQL incorrectly handled extensions. An attacker could possibly use this issue to execute arbitrary code when extensions are created or updated.
A vulnerability found in postgresql. On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions.
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.