ELSA-2021-5236

Опубликовано: 22 дек. 2021

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2021-5236: postgresql:13 security update (MODERATE)

postgresql [13.5-1]

Update to 13.5
Resolves: #2024608

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module postgresql:13 is enabled

pg_repack

1.4.6-3.module+el8.5.0+20353+e924f9ed

pgaudit

1.5.0-1.module+el8.4.0+20016+06fd4df3

postgres-decoderbufs

0.10.0-2.module+el8.4.0+20016+06fd4df3

postgresql

13.5-1.module+el8.5.0+20464+55827c52

postgresql-contrib

13.5-1.module+el8.5.0+20464+55827c52

postgresql-docs

13.5-1.module+el8.5.0+20464+55827c52

postgresql-plperl

13.5-1.module+el8.5.0+20464+55827c52

postgresql-plpython3

13.5-1.module+el8.5.0+20464+55827c52

postgresql-pltcl

13.5-1.module+el8.5.0+20464+55827c52

postgresql-server

13.5-1.module+el8.5.0+20464+55827c52

postgresql-server-devel

13.5-1.module+el8.5.0+20464+55827c52

postgresql-static

13.5-1.module+el8.5.0+20464+55827c52

postgresql-test

13.5-1.module+el8.5.0+20464+55827c52

postgresql-test-rpm-macros

13.5-1.module+el8.5.0+20464+55827c52

postgresql-upgrade

13.5-1.module+el8.5.0+20464+55827c52

postgresql-upgrade-devel

13.5-1.module+el8.5.0+20464+55827c52

Oracle Linux x86_64

Module postgresql:13 is enabled

pg_repack

1.4.6-3.module+el8.5.0+20353+e924f9ed

pgaudit

1.5.0-1.module+el8.4.0+20016+06fd4df3

postgres-decoderbufs

0.10.0-2.module+el8.4.0+20016+06fd4df3

postgresql

13.5-1.module+el8.5.0+20464+55827c52

postgresql-contrib

13.5-1.module+el8.5.0+20464+55827c52

postgresql-docs

13.5-1.module+el8.5.0+20464+55827c52

postgresql-plperl

13.5-1.module+el8.5.0+20464+55827c52

postgresql-plpython3

13.5-1.module+el8.5.0+20464+55827c52

postgresql-pltcl

13.5-1.module+el8.5.0+20464+55827c52

postgresql-server

13.5-1.module+el8.5.0+20464+55827c52

postgresql-server-devel

13.5-1.module+el8.5.0+20464+55827c52

postgresql-static

13.5-1.module+el8.5.0+20464+55827c52

postgresql-test

13.5-1.module+el8.5.0+20464+55827c52

postgresql-test-rpm-macros

13.5-1.module+el8.5.0+20464+55827c52

postgresql-upgrade

13.5-1.module+el8.5.0+20464+55827c52

postgresql-upgrade-devel

13.5-1.module+el8.5.0+20464+55827c52

Связанные CVE

CVE-2021-3677

CVE-2021-23214

Ссылки на источники

Связанные уязвимости

RLSA-2021:5236

rocky

больше 3 лет назад

Moderate: postgresql:13 security update

RLSA-2021:5235

rocky

больше 3 лет назад

Moderate: postgresql:12 security update

ELSA-2021-5235

oracle-oval

больше 3 лет назад

ELSA-2021-5235: postgresql:12 security update (MODERATE)

SUSE-SU-2022:2958-1

suse-cvrf

почти 3 года назад

Security update for postgresql12

CVE-2021-3677

CVSS3: 6.5

ubuntu

больше 3 лет назад

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0, the known versions of this attack are infeasible. However, undiscovered variants of the attack may be independent of that setting.