Описание
ELSA-2022-4807: postgresql:12 security update (IMPORTANT)
postgresql [12.11-2]
- Resolves: CVE-2022-1552
- Release bump due to wrongly reported CVE of libpq Build after reverted changes in libpq package
[12.11-1]
- Resolves: CVE-2022-1552
- Update to 12.11
- Release notes: https://www.postgresql.org/docs/release/12.11/
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module postgresql:12 is enabled
pg_repack
1.4.6-3.module+el8.5.0+20333+86306fc7
pgaudit
1.4.0-5.module+el8.5.0+20333+86306fc7
postgres-decoderbufs
0.10.0-2.module+el8.5.0+20333+86306fc7
postgresql
12.11-2.module+el8.6.0+20676+128a094e
postgresql-contrib
12.11-2.module+el8.6.0+20676+128a094e
postgresql-docs
12.11-2.module+el8.6.0+20676+128a094e
postgresql-plperl
12.11-2.module+el8.6.0+20676+128a094e
postgresql-plpython3
12.11-2.module+el8.6.0+20676+128a094e
postgresql-pltcl
12.11-2.module+el8.6.0+20676+128a094e
postgresql-server
12.11-2.module+el8.6.0+20676+128a094e
postgresql-server-devel
12.11-2.module+el8.6.0+20676+128a094e
postgresql-static
12.11-2.module+el8.6.0+20676+128a094e
postgresql-test
12.11-2.module+el8.6.0+20676+128a094e
postgresql-test-rpm-macros
12.11-2.module+el8.6.0+20676+128a094e
postgresql-upgrade
12.11-2.module+el8.6.0+20676+128a094e
postgresql-upgrade-devel
12.11-2.module+el8.6.0+20676+128a094e
Oracle Linux x86_64
Module postgresql:12 is enabled
pg_repack
1.4.6-3.module+el8.5.0+20333+86306fc7
pgaudit
1.4.0-5.module+el8.5.0+20333+86306fc7
postgres-decoderbufs
0.10.0-2.module+el8.5.0+20333+86306fc7
postgresql
12.11-2.module+el8.6.0+20676+128a094e
postgresql-contrib
12.11-2.module+el8.6.0+20676+128a094e
postgresql-docs
12.11-2.module+el8.6.0+20676+128a094e
postgresql-plperl
12.11-2.module+el8.6.0+20676+128a094e
postgresql-plpython3
12.11-2.module+el8.6.0+20676+128a094e
postgresql-pltcl
12.11-2.module+el8.6.0+20676+128a094e
postgresql-server
12.11-2.module+el8.6.0+20676+128a094e
postgresql-server-devel
12.11-2.module+el8.6.0+20676+128a094e
postgresql-static
12.11-2.module+el8.6.0+20676+128a094e
postgresql-test
12.11-2.module+el8.6.0+20676+128a094e
postgresql-test-rpm-macros
12.11-2.module+el8.6.0+20676+128a094e
postgresql-upgrade
12.11-2.module+el8.6.0+20676+128a094e
postgresql-upgrade-devel
12.11-2.module+el8.6.0+20676+128a094e
Связанные CVE
Связанные уязвимости
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
A flaw was found in PostgreSQL. There is an issue with incomplete effo ...