Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:1693: Red Hat Security Advisory: postgresql security update

An update for postgresql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
  • CVE-2022-41862: A flaw was found In PostgreSQL. A modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions, a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
Red Hat Security Data
#sql#vulnerability#linux#red_hat#perl#auth#ibm#postgres

Synopsis

Moderate: postgresql security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for postgresql is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

  • postgresql: Extension scripts replace objects not belonging to the extension. (CVE-2022-2625)
  • postgresql: Client memory disclosure when connecting with Kerberos to modified server (CVE-2022-41862)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x

Fixes

  • BZ - 2113825 - CVE-2022-2625 postgresql: Extension scripts replace objects not belonging to the extension.
  • BZ - 2165722 - CVE-2022-41862 postgresql: Client memory disclosure when connecting with Kerberos to modified server

Red Hat Enterprise Linux for x86_64 9

SRPM

postgresql-13.10-1.el9_1.src.rpm

SHA-256: e0d6810effdd178667d7590f339b6cf7965d8d5100a8866b61d46b4e0d6c0fd1

x86_64

postgresql-13.10-1.el9_1.x86_64.rpm

SHA-256: 468ad28d2c54e7621c418044c7f235f5b3b2e5871c45d595d10023a1b6d6e098

postgresql-contrib-13.10-1.el9_1.x86_64.rpm

SHA-256: a3f21cbf8489cddac02443e523a146ae56e4be7b5165fd208007d8db77cb396e

postgresql-contrib-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 7d9b86745ef1ea50d7cfe96e9f3d0553c37d67e68c2063c1aee3ecadef2e98a2

postgresql-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 0ad4e5218540cb460e8b57f1792d65c21db03694392ef726ef66b75254b8e1ce

postgresql-debugsource-13.10-1.el9_1.x86_64.rpm

SHA-256: f7585886b13ba53255ce92560e591353408139662db72ba180cb1e3ab7845425

postgresql-docs-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 6a92c811313bd7bd0957401c46fe238f062612e54350a0c66204930291919357

postgresql-plperl-13.10-1.el9_1.x86_64.rpm

SHA-256: a56952ebf08cb4d098a37a9aeb1b5438422b90f81ff4782138fd234a903892c8

postgresql-plperl-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: bffe0991936350d141262de63a43fe99d26de9fc255d08125e431e4de2dc35be

postgresql-plpython3-13.10-1.el9_1.x86_64.rpm

SHA-256: 64f45b3824813282707d610d3592bb98d13baba5f0415a9867cc7f94227d3458

postgresql-plpython3-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 5890a9180c32117d0ea65ab7defd18746d704e233ca045a4ee89b105234b0b4e

postgresql-pltcl-13.10-1.el9_1.x86_64.rpm

SHA-256: 2806022f2bb835d19c8017f159fa8988d344ad2e8121a03dae4449383df6f860

postgresql-pltcl-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 9c8897c8fa190604cbcad2b0ac2e8e8a525c5b455c714146d1603c4f86aaf7a3

postgresql-private-libs-13.10-1.el9_1.x86_64.rpm

SHA-256: b06bf4bb294d42a38e8300da6628fbe0dff251de617d882b468cb0789fcf8a38

postgresql-private-libs-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 488349af91e143fa37a541f999b4165267d7b9965a05f900899e541adffde56f

postgresql-server-13.10-1.el9_1.x86_64.rpm

SHA-256: f135e05d58d3458b3332fe788783fcf2fb1115bb9fdfe70461bec05a43162fde

postgresql-server-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 01a07971abfed686a56d367602636d505cc9421a7b843719625233204bdfb20e

postgresql-server-devel-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 35867e3a0127cc7f6153e0d492f5dd19d65838bbe2b7c636994ed1ae000de43b

postgresql-test-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 1c83feac7c9d3e9731da11b9440227b23efceed2aa39be14aba29ddf1ea55750

postgresql-upgrade-13.10-1.el9_1.x86_64.rpm

SHA-256: 9e122173b01d2d32eae6a2022d850afeaecbe77d9f17777b72d3be7826a29d1a

postgresql-upgrade-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: a5b61dd4bfc6f74a9274f1bcf2c5c5ffe34a505ed3e5fbb3c7b17b53713de285

postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 83c682e027124ddac248107e8f9326e090bc7e7918f741733d7224dea5c67030

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

postgresql-13.10-1.el9_1.src.rpm

SHA-256: e0d6810effdd178667d7590f339b6cf7965d8d5100a8866b61d46b4e0d6c0fd1

s390x

postgresql-13.10-1.el9_1.s390x.rpm

SHA-256: 44c51c385c7d0287d608514b194c8a27553e5d127a19bdcf728c137fc8190eaa

postgresql-contrib-13.10-1.el9_1.s390x.rpm

SHA-256: 8ca8ebe80497404a5b463035b8a4ebeac802fe15b9d3d3d8467c3cba9e5053b1

postgresql-contrib-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: e02373b0077f4f7d8b0c0a7e82cf9cf5fd02ba98d23d73979e758e63075f8e0c

postgresql-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: c2fc25f81fdfd31b5f1e3b40b59bc9cc89541fc58fb221250e0358d45564059a

postgresql-debugsource-13.10-1.el9_1.s390x.rpm

SHA-256: 1ca3f9fb4966835963206336f84c83507ef626f9dfadc63eccda9d97a61bda5f

postgresql-docs-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 736f36581551d9805b5439d7b05eba83be519eb599690beb10f5a66e4e4237ac

postgresql-plperl-13.10-1.el9_1.s390x.rpm

SHA-256: c442e66d03409ef33444c07baf6e04b436cce304f1741c2f1d188f3b59a23a46

postgresql-plperl-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: c6693d175697481cf47516743f8c812fdefb1d5941438eedb5986dacec8b9bab

postgresql-plpython3-13.10-1.el9_1.s390x.rpm

SHA-256: 8684a90ea978bd701bc1292d6e908614858849d6dac9ec8dc4bc112b9b7a95cf

postgresql-plpython3-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 44b280523506e65355608f1d85ed50e0bee4f9c1ba10aedba55f1813195ee502

postgresql-pltcl-13.10-1.el9_1.s390x.rpm

SHA-256: 89d4935853c75c74b30afc72f540dd2abc2c187b6589466286dbe7c102861601

postgresql-pltcl-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 2843b136f0f1cd9dd194a7d26419a5d518364c4afe94b2283e357b9964007c61

postgresql-private-libs-13.10-1.el9_1.s390x.rpm

SHA-256: 03f5f323bec730f27395ccffe90559b0307919de51f00ce5d0c839a8619c70f3

postgresql-private-libs-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 61e3d372feb1f7f8770851583e3b5f5e68c6714c41e16b3844aa340826a10568

postgresql-server-13.10-1.el9_1.s390x.rpm

SHA-256: bd5ea6e4c8af013b06d31ec07ef8ca778c6d260a14dadc867fab966be6b30b15

postgresql-server-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: deefd6f36e03b89e3a2768c00112b5b26835436e8bdb211dbd336c872bb33870

postgresql-server-devel-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 7c63bd33c8c32efca806857d17b883ea2b628165d3a9c91ec593fb298ab4126f

postgresql-test-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: ab5a07539c9b379c65c2617ef594b96c3f015c2e4bfbf3b65a324c1a0cc7f357

postgresql-upgrade-13.10-1.el9_1.s390x.rpm

SHA-256: e64642540df091694c9e4df9d6549ba6bf77d4c7d6284e6e8b863eea9b1504c5

postgresql-upgrade-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 277b6fb3ce1ac88379867581f9f8b8c7a39dc9e182ca1cdba4d62b315755b1db

postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: e296afc7c9c9e0e7644d753588175f6d8638522d50f6ce249da7f35758b9ad98

Red Hat Enterprise Linux for Power, little endian 9

SRPM

postgresql-13.10-1.el9_1.src.rpm

SHA-256: e0d6810effdd178667d7590f339b6cf7965d8d5100a8866b61d46b4e0d6c0fd1

ppc64le

postgresql-13.10-1.el9_1.ppc64le.rpm

SHA-256: c4cf8e18575a00e7a918829e035aa81be595af87888e9bced9449e1064308522

postgresql-contrib-13.10-1.el9_1.ppc64le.rpm

SHA-256: 617a54bd1b0a4d53c6bb9c1d139ed422143dbd63ba911f3565183a4e9aafcab5

postgresql-contrib-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: cdd64ecb59262e7d358a416dbf216b8c92a0da1dfa4b65f00ecb494d1ef950c8

postgresql-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 4b501891508a1823cf8fc28f04257d35e13533ba76b1dd959e8f1cf8fd00bf25

postgresql-debugsource-13.10-1.el9_1.ppc64le.rpm

SHA-256: 21cdb022b72fda7f8d99678db4d570f0140f77cd00bba6a7bc9f255c351e54ab

postgresql-docs-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 7f9b1ac2f4f000e74ea57f66a5a586b632a9cc304a768cd8e935832212659f33

postgresql-plperl-13.10-1.el9_1.ppc64le.rpm

SHA-256: fc4747d2b7a8d494e58c71780e30df74eab26374e6b9857b3bd078a51a1bfaa8

postgresql-plperl-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 22944248113996d692d33a1de3266faeca83f70bdf88d19ffc60a3aa594ebb38

postgresql-plpython3-13.10-1.el9_1.ppc64le.rpm

SHA-256: 807b2470000d8b08391aba54a7c2ae35eda20d5fd9e7d87d6d65e3102844a585

postgresql-plpython3-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 6fb61c9b8d6367468c6fa19770b1888883cf9597a85ebd3c3bea7bd3a77747e0

postgresql-pltcl-13.10-1.el9_1.ppc64le.rpm

SHA-256: 5db6a8aea2c35eaecac0d0d913e0e1360299f3fa12bdf60eb429cab876b64085

postgresql-pltcl-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 608990e33d441fac1a5d544c6fd83f0da8d9018555ef762be7703da3c4828047

postgresql-private-libs-13.10-1.el9_1.ppc64le.rpm

SHA-256: 33d782603e297b8f19e3e541bd8eae6ce16aa813a5f6401ac648f6ab9d35d39f

postgresql-private-libs-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 9aefae518a25a9d3eb14f779d910f79f7364403e6ace66819cc359fd8247269e

postgresql-server-13.10-1.el9_1.ppc64le.rpm

SHA-256: aed37c428e784f889f0ec41482754a5e58f5cfb40c390bbb9e23a69e0ac7959e

postgresql-server-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 34b918542add765c800f2537ab4d49faeea61f52f90add7437ce360acfa26f8a

postgresql-server-devel-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 9aca130fe4d050e2142047afd67a0d88fe67afcbdd869c92fcd72a2755983970

postgresql-test-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 4ad08189c6368c0e0e3ee7af1c1db9cfbf63de688a097ae3dd1e5e5baec8a051

postgresql-upgrade-13.10-1.el9_1.ppc64le.rpm

SHA-256: c634dc473494ca887ef91c7ba0e0303586860eb629b983b852d52b3b3ee093c4

postgresql-upgrade-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: b4ad58c8ceff62dfecafa540a33222d70e505ca4ee32988dd21bde316c44981a

postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 104445d0ec95b467d0206ee857b0960619419c2b702545f951aaa0751a8d57ba

Red Hat Enterprise Linux for ARM 64 9

SRPM

postgresql-13.10-1.el9_1.src.rpm

SHA-256: e0d6810effdd178667d7590f339b6cf7965d8d5100a8866b61d46b4e0d6c0fd1

aarch64

postgresql-13.10-1.el9_1.aarch64.rpm

SHA-256: 434cd1fe6a9fb2bd3e41db4347cbc3ce2fe05f3e2a1282a045140cdd9bf57f9c

postgresql-contrib-13.10-1.el9_1.aarch64.rpm

SHA-256: 4cfe77c90c7673b92ec095211f8101cbd1a2e15d28f2271521008b8655ed8bd1

postgresql-contrib-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: f727fe7bebe65291ec7ef12ebe14816d9ca131a50d4fd14f8b00fa731f1ba746

postgresql-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: f798a4c92d12ba4e62b5fd40328d09c0b344be4cf38fa69ac258804483881a39

postgresql-debugsource-13.10-1.el9_1.aarch64.rpm

SHA-256: eeb7866866301a9267b5d3a9a1f80f89b436f74f0d9e7c6efe491519a7f1e8c2

postgresql-docs-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 925fdb44f0ef38b7570c7d06f037e42391210080730d0575568e437082824ac4

postgresql-plperl-13.10-1.el9_1.aarch64.rpm

SHA-256: 82321a1246a8a893ec0ba42364ec15f2268a0d5bb68020602b0ead8bd87f2952

postgresql-plperl-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: ef58728e1b385a33bdcaa3dd570385b2591038aedc68e65a8fe7c69accd82d4c

postgresql-plpython3-13.10-1.el9_1.aarch64.rpm

SHA-256: 6d8ae6b46473ea8aaaa53dc91aac1a9f85dc076aa158d0257eff5ad4ad623d31

postgresql-plpython3-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: cdc3e30a6dd03e83552863d3325feae96bb26f6c64b8384dfeb3d091a3d7fe2d

postgresql-pltcl-13.10-1.el9_1.aarch64.rpm

SHA-256: 22afc09261ea1f7bf4f42bf2ca745b7646c9c2d4ac5fae36444f56a3002499ed

postgresql-pltcl-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 16e42197390b13a0d03a5529a77e96a74f1c7c1b2287ced3b66dd547cbb32603

postgresql-private-libs-13.10-1.el9_1.aarch64.rpm

SHA-256: 32bd67b0f5e6dd898e8316803aa3072395e21350f358c4470794526ce1921790

postgresql-private-libs-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 613bb6d1e89bc7a495134ccfb4fb77ff74d42d49b3221e22d60ad3c271fd9623

postgresql-server-13.10-1.el9_1.aarch64.rpm

SHA-256: 91b7b3b6ebb7ab57cf2b5dd3b39c914869508548aa43b7006706d5a43ae0d68e

postgresql-server-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 22ef884a2557d26e0ee6d524ffac4346d3e67608879379420d6b369d07ae2743

postgresql-server-devel-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 95576347a9eae07a252949c210a8ed4141c22ae7dce158090b8f8c8a7337558a

postgresql-test-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: b3fb683513885f5d97f601466d1cf631ca506e2318aa8ae1f6af62cf1e4a673a

postgresql-upgrade-13.10-1.el9_1.aarch64.rpm

SHA-256: ba3f6ab2730088e2dc14e2798714fa9284bc788a7174a68abaf9be371091291d

postgresql-upgrade-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 2ed5c60583722c11d5509fd115d72debc4e20d39fc3f0b57f28436cc12956973

postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 228c325f908e976a1b36937749521d7bcd75d915da1607203e5d8b968f549805

Red Hat CodeReady Linux Builder for x86_64 9

SRPM

x86_64

postgresql-contrib-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 7d9b86745ef1ea50d7cfe96e9f3d0553c37d67e68c2063c1aee3ecadef2e98a2

postgresql-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 0ad4e5218540cb460e8b57f1792d65c21db03694392ef726ef66b75254b8e1ce

postgresql-debugsource-13.10-1.el9_1.x86_64.rpm

SHA-256: f7585886b13ba53255ce92560e591353408139662db72ba180cb1e3ab7845425

postgresql-docs-13.10-1.el9_1.x86_64.rpm

SHA-256: f3192a0d77ed56598995a91811d91876c52c4c70a58521b7870439a4cce648f6

postgresql-docs-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 6a92c811313bd7bd0957401c46fe238f062612e54350a0c66204930291919357

postgresql-plperl-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: bffe0991936350d141262de63a43fe99d26de9fc255d08125e431e4de2dc35be

postgresql-plpython3-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 5890a9180c32117d0ea65ab7defd18746d704e233ca045a4ee89b105234b0b4e

postgresql-pltcl-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 9c8897c8fa190604cbcad2b0ac2e8e8a525c5b455c714146d1603c4f86aaf7a3

postgresql-private-devel-13.10-1.el9_1.x86_64.rpm

SHA-256: 7bfee86e5eed47f63bdd1db2e7c74b4def24b55c3b88a1ddd7eccb540fc01bd5

postgresql-private-libs-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 488349af91e143fa37a541f999b4165267d7b9965a05f900899e541adffde56f

postgresql-server-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 01a07971abfed686a56d367602636d505cc9421a7b843719625233204bdfb20e

postgresql-server-devel-13.10-1.el9_1.x86_64.rpm

SHA-256: 7a524bf4bc8e4a33b40e76df9ceb5b3c7a0c95c0e279128b2ea0408d20a1d867

postgresql-server-devel-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 35867e3a0127cc7f6153e0d492f5dd19d65838bbe2b7c636994ed1ae000de43b

postgresql-static-13.10-1.el9_1.x86_64.rpm

SHA-256: b8e1e6c09d8148c68268e07b25ffeb3093dacfdda5f325520571798f3c884da5

postgresql-test-13.10-1.el9_1.x86_64.rpm

SHA-256: 273447016572db8dcff5df00ecc046fd4aa950da651ad5aaa6c837fcdd4b34be

postgresql-test-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 1c83feac7c9d3e9731da11b9440227b23efceed2aa39be14aba29ddf1ea55750

postgresql-upgrade-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: a5b61dd4bfc6f74a9274f1bcf2c5c5ffe34a505ed3e5fbb3c7b17b53713de285

postgresql-upgrade-devel-13.10-1.el9_1.x86_64.rpm

SHA-256: 559cb84a77b021a61a299e20e90c7b0651177e271d3894e9b8ad515cedb5ef8c

postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.x86_64.rpm

SHA-256: 83c682e027124ddac248107e8f9326e090bc7e7918f741733d7224dea5c67030

Red Hat CodeReady Linux Builder for Power, little endian 9

SRPM

ppc64le

postgresql-contrib-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: cdd64ecb59262e7d358a416dbf216b8c92a0da1dfa4b65f00ecb494d1ef950c8

postgresql-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 4b501891508a1823cf8fc28f04257d35e13533ba76b1dd959e8f1cf8fd00bf25

postgresql-debugsource-13.10-1.el9_1.ppc64le.rpm

SHA-256: 21cdb022b72fda7f8d99678db4d570f0140f77cd00bba6a7bc9f255c351e54ab

postgresql-docs-13.10-1.el9_1.ppc64le.rpm

SHA-256: 801be8c32b5d904b5e0545e7e90be94d58503b9d2d22d3e18d6a1cb83c7dd059

postgresql-docs-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 7f9b1ac2f4f000e74ea57f66a5a586b632a9cc304a768cd8e935832212659f33

postgresql-plperl-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 22944248113996d692d33a1de3266faeca83f70bdf88d19ffc60a3aa594ebb38

postgresql-plpython3-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 6fb61c9b8d6367468c6fa19770b1888883cf9597a85ebd3c3bea7bd3a77747e0

postgresql-pltcl-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 608990e33d441fac1a5d544c6fd83f0da8d9018555ef762be7703da3c4828047

postgresql-private-devel-13.10-1.el9_1.ppc64le.rpm

SHA-256: d130f8376128e11d0483bf91a9714538f90bb677943ec5ad8b3d34c4c11f193e

postgresql-private-libs-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 9aefae518a25a9d3eb14f779d910f79f7364403e6ace66819cc359fd8247269e

postgresql-server-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 34b918542add765c800f2537ab4d49faeea61f52f90add7437ce360acfa26f8a

postgresql-server-devel-13.10-1.el9_1.ppc64le.rpm

SHA-256: 67f5573699637f9179c6d96154c0e99ff3581348b1223c70816ce0eae9fd060e

postgresql-server-devel-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 9aca130fe4d050e2142047afd67a0d88fe67afcbdd869c92fcd72a2755983970

postgresql-static-13.10-1.el9_1.ppc64le.rpm

SHA-256: 66b2b4204994c6f6f5349b8c34dd3eae3c18afc1186f334c3ed509aafd1d8a35

postgresql-test-13.10-1.el9_1.ppc64le.rpm

SHA-256: 7a40aacf3ca924902235989555e823f062b2246c97e5352de1646a6fec918189

postgresql-test-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 4ad08189c6368c0e0e3ee7af1c1db9cfbf63de688a097ae3dd1e5e5baec8a051

postgresql-upgrade-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: b4ad58c8ceff62dfecafa540a33222d70e505ca4ee32988dd21bde316c44981a

postgresql-upgrade-devel-13.10-1.el9_1.ppc64le.rpm

SHA-256: 04f859aedb5eab53829161903a971469792671254ff46c6da697c881e1d5d98c

postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.ppc64le.rpm

SHA-256: 104445d0ec95b467d0206ee857b0960619419c2b702545f951aaa0751a8d57ba

Red Hat CodeReady Linux Builder for ARM 64 9

SRPM

aarch64

postgresql-contrib-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: f727fe7bebe65291ec7ef12ebe14816d9ca131a50d4fd14f8b00fa731f1ba746

postgresql-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: f798a4c92d12ba4e62b5fd40328d09c0b344be4cf38fa69ac258804483881a39

postgresql-debugsource-13.10-1.el9_1.aarch64.rpm

SHA-256: eeb7866866301a9267b5d3a9a1f80f89b436f74f0d9e7c6efe491519a7f1e8c2

postgresql-docs-13.10-1.el9_1.aarch64.rpm

SHA-256: 4b0b13a2548afe14960f29573c639e98a0ef1cf675e02319777ebbbcaaddf87c

postgresql-docs-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 925fdb44f0ef38b7570c7d06f037e42391210080730d0575568e437082824ac4

postgresql-plperl-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: ef58728e1b385a33bdcaa3dd570385b2591038aedc68e65a8fe7c69accd82d4c

postgresql-plpython3-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: cdc3e30a6dd03e83552863d3325feae96bb26f6c64b8384dfeb3d091a3d7fe2d

postgresql-pltcl-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 16e42197390b13a0d03a5529a77e96a74f1c7c1b2287ced3b66dd547cbb32603

postgresql-private-devel-13.10-1.el9_1.aarch64.rpm

SHA-256: 826cb459e8d5f5954ce4ef84bad9498ec20def8e991bf21143f6011aa5a90899

postgresql-private-libs-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 613bb6d1e89bc7a495134ccfb4fb77ff74d42d49b3221e22d60ad3c271fd9623

postgresql-server-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 22ef884a2557d26e0ee6d524ffac4346d3e67608879379420d6b369d07ae2743

postgresql-server-devel-13.10-1.el9_1.aarch64.rpm

SHA-256: 12598029de63a14a3e9f08601f17eb327409c48e9ac1a0683767e779b633f14a

postgresql-server-devel-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 95576347a9eae07a252949c210a8ed4141c22ae7dce158090b8f8c8a7337558a

postgresql-static-13.10-1.el9_1.aarch64.rpm

SHA-256: f378cb98b2071c40a9657fe65683416b280b34efc65bd777fcfb38d69eb60d8e

postgresql-test-13.10-1.el9_1.aarch64.rpm

SHA-256: ebac50064054e1642b6449f06831ec195e236c692814b35d6c15c13faaced022

postgresql-test-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: b3fb683513885f5d97f601466d1cf631ca506e2318aa8ae1f6af62cf1e4a673a

postgresql-upgrade-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 2ed5c60583722c11d5509fd115d72debc4e20d39fc3f0b57f28436cc12956973

postgresql-upgrade-devel-13.10-1.el9_1.aarch64.rpm

SHA-256: 66ac719dea2d4c74c7887c24b605f6e3eaafda54e8f68c99bf197e204309d802

postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.aarch64.rpm

SHA-256: 228c325f908e976a1b36937749521d7bcd75d915da1607203e5d8b968f549805

Red Hat CodeReady Linux Builder for IBM z Systems 9

SRPM

s390x

postgresql-contrib-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: e02373b0077f4f7d8b0c0a7e82cf9cf5fd02ba98d23d73979e758e63075f8e0c

postgresql-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: c2fc25f81fdfd31b5f1e3b40b59bc9cc89541fc58fb221250e0358d45564059a

postgresql-debugsource-13.10-1.el9_1.s390x.rpm

SHA-256: 1ca3f9fb4966835963206336f84c83507ef626f9dfadc63eccda9d97a61bda5f

postgresql-docs-13.10-1.el9_1.s390x.rpm

SHA-256: f1af0d708bf62474d3b7f1fdb54335e64b11201d5d546c14c0fa72217038dc02

postgresql-docs-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 736f36581551d9805b5439d7b05eba83be519eb599690beb10f5a66e4e4237ac

postgresql-plperl-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: c6693d175697481cf47516743f8c812fdefb1d5941438eedb5986dacec8b9bab

postgresql-plpython3-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 44b280523506e65355608f1d85ed50e0bee4f9c1ba10aedba55f1813195ee502

postgresql-pltcl-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 2843b136f0f1cd9dd194a7d26419a5d518364c4afe94b2283e357b9964007c61

postgresql-private-devel-13.10-1.el9_1.s390x.rpm

SHA-256: 41b471c8e80e5cd9a2c840579c31c54978b6ae706fad64877cea60c3e10f6401

postgresql-private-libs-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 61e3d372feb1f7f8770851583e3b5f5e68c6714c41e16b3844aa340826a10568

postgresql-server-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: deefd6f36e03b89e3a2768c00112b5b26835436e8bdb211dbd336c872bb33870

postgresql-server-devel-13.10-1.el9_1.s390x.rpm

SHA-256: 6b0f765b1591ee52ef61377fe45deb443b07f547f89d86f01d09cbc85dd9fb48

postgresql-server-devel-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 7c63bd33c8c32efca806857d17b883ea2b628165d3a9c91ec593fb298ab4126f

postgresql-static-13.10-1.el9_1.s390x.rpm

SHA-256: e25348ee18495a01f01fea4d03dc425e1e2078f435f4cb3d70e2b45415ef7358

postgresql-test-13.10-1.el9_1.s390x.rpm

SHA-256: 04202df2904f35d2e205623f499d94c8cf8cdf2d7f2fa73cfbb5beda62f8a0dd

postgresql-test-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: ab5a07539c9b379c65c2617ef594b96c3f015c2e4bfbf3b65a324c1a0cc7f357

postgresql-upgrade-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: 277b6fb3ce1ac88379867581f9f8b8c7a39dc9e182ca1cdba4d62b315755b1db

postgresql-upgrade-devel-13.10-1.el9_1.s390x.rpm

SHA-256: 915b2fb5361a7f7a5068264660d0f17351df8909c1aa26fa393912dcefe87449

postgresql-upgrade-devel-debuginfo-13.10-1.el9_1.s390x.rpm

SHA-256: e296afc7c9c9e0e7644d753588175f6d8638522d50f6ce249da7f35758b9ad98

Related news

Red Hat Security Advisory 2023-7695-03

Red Hat Security Advisory 2023-7695-03 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7694-03

Red Hat Security Advisory 2023-7694-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7667-03

Red Hat Security Advisory 2023-7667-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7580-01

Red Hat Security Advisory 2023-7580-01 - An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-7545-01

Red Hat Security Advisory 2023-7545-01 - An update for postgresql is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

Red Hat Security Advisory 2023-4535-01

Red Hat Security Advisory 2023-4535-01 - PostgreSQL is an advanced object-relational database management system.

CVE-2023-32463: DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities

Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.

RHSA-2023:1576: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or ...

RHSA-2023:1576: Red Hat Security Advisory: postgresql:13 security update

An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or ...

CVE-2022-41862: Client memory disclosure when connecting, with Kerberos, to modified server

In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.

Ubuntu Security Notice USN-5906-1

Ubuntu Security Notice 5906-1 - Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information.

Red Hat Security Advisory 2023-0160-01

Red Hat Security Advisory 2023-0160-01 - PostgreSQL is an advanced object-relational database management system.

Red Hat Security Advisory 2023-0113-01

Red Hat Security Advisory 2023-0113-01 - PostgreSQL is an advanced object-relational database management system.

RHSA-2023:0160: Red Hat Security Advisory: rh-postgresql10-postgresql security and bug fix update

An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: postgresql: Extension scripts replace objects not belonging to the extension.

RHSA-2023:0113: Red Hat Security Advisory: postgresql:10 security update

An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: postgresql: Extension scripts replace objects not belonging to the extension.

Gentoo Linux Security Advisory 202211-04

Gentoo Linux Security Advisory 202211-4 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in remote code execution. Versions greater than or equal to 10.22:10 are affected.

RHSA-2022:7128: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2625: postgresql: Extension scripts replace objects not belonging to the extension.

Ubuntu Security Notice USN-5571-1

Ubuntu Security Notice 5571-1 - Sven Klemm discovered that PostgreSQL incorrectly handled extensions. An attacker could possibly use this issue to execute arbitrary code when extensions are created or updated.

CVE-2022-2625: Invalid Bug ID

A vulnerability found in postgresql. On this security issue an attack requires permission to create non-temporary objects in at least one schema, ability to lure or wait for an administrator to create or update an affected extension in that schema, and ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, the attacker can run arbitrary code as the victim role, which may be a superuser. Known-affected extensions include both PostgreSQL-bundled and non-bundled extensions. PostgreSQL blocks this attack in the core server, so there's no need to modify individual extensions.

CVE-2020-25695: PostgreSQL: Security Information

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.