Описание
ELSA-2022-4771: postgresql security update (IMPORTANT)
[13.7-1]
- Resolves: CVE-2022-1552
- Update to 13.7
- Release notes: https://www.postgresql.org/docs/release/13.7/
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
postgresql
13.7-1.el9_0
postgresql-contrib
13.7-1.el9_0
postgresql-plperl
13.7-1.el9_0
postgresql-plpython3
13.7-1.el9_0
postgresql-pltcl
13.7-1.el9_0
postgresql-private-devel
13.7-1.el9_0
postgresql-private-libs
13.7-1.el9_0
postgresql-server
13.7-1.el9_0
postgresql-server-devel
13.7-1.el9_0
postgresql-test
13.7-1.el9_0
postgresql-upgrade
13.7-1.el9_0
Oracle Linux x86_64
postgresql
13.7-1.el9_0
postgresql-contrib
13.7-1.el9_0
postgresql-plperl
13.7-1.el9_0
postgresql-plpython3
13.7-1.el9_0
postgresql-pltcl
13.7-1.el9_0
postgresql-private-devel
13.7-1.el9_0
postgresql-private-libs
13.7-1.el9_0
postgresql-server
13.7-1.el9_0
postgresql-server-devel
13.7-1.el9_0
postgresql-test
13.7-1.el9_0
postgresql-upgrade
13.7-1.el9_0
Связанные CVE
Связанные уязвимости
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
A flaw was found in PostgreSQL. There is an issue with incomplete effo ...