ELSA-2021-5235

Опубликовано: 22 дек. 2021

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2021-5235: postgresql:12 security update (MODERATE)

postgresql [12.9-1]

Update to 12.9
Resolves: #2024677

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module postgresql:12 is enabled

pg_repack

1.4.6-3.module+el8.5.0+20333+86306fc7

pgaudit

1.4.0-5.module+el8.5.0+20333+86306fc7

postgres-decoderbufs

0.10.0-2.module+el8.5.0+20333+86306fc7

postgresql

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-contrib

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-docs

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-plperl

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-plpython3

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-pltcl

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-server

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-server-devel

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-static

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-test

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-test-rpm-macros

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-upgrade

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-upgrade-devel

12.9-1.module+el8.5.0+20463+3d6b40f2

Oracle Linux x86_64

Module postgresql:12 is enabled

pg_repack

1.4.6-3.module+el8.5.0+20333+86306fc7

pgaudit

1.4.0-5.module+el8.5.0+20333+86306fc7

postgres-decoderbufs

0.10.0-2.module+el8.5.0+20333+86306fc7

postgresql

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-contrib

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-docs

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-plperl

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-plpython3

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-pltcl

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-server

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-server-devel

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-static

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-test

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-test-rpm-macros

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-upgrade

12.9-1.module+el8.5.0+20463+3d6b40f2

postgresql-upgrade-devel

12.9-1.module+el8.5.0+20463+3d6b40f2

Связанные CVE

CVE-2021-3677

CVE-2021-23214

Ссылки на источники

Связанные уязвимости

RLSA-2021:5236

rocky

больше 3 лет назад

Moderate: postgresql:13 security update

RLSA-2021:5235

rocky

больше 3 лет назад

Moderate: postgresql:12 security update

ELSA-2021-5236

oracle-oval

больше 3 лет назад

ELSA-2021-5236: postgresql:13 security update (MODERATE)

SUSE-SU-2022:2958-1

suse-cvrf

почти 3 года назад

Security update for postgresql12

CVE-2021-3677

CVSS3: 6.5

ubuntu

больше 3 лет назад

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.