Описание
ELSA-2023-0113: postgresql:10 security update (MODERATE)
[10.23-1]
- Fix CVE-2022-2625
- Resolves: #2143167
- Rebase to 10.23
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module postgresql:10 is enabled
postgresql
10.23-1.module+el8.7.0+20896+16771be9
postgresql-contrib
10.23-1.module+el8.7.0+20896+16771be9
postgresql-docs
10.23-1.module+el8.7.0+20896+16771be9
postgresql-plperl
10.23-1.module+el8.7.0+20896+16771be9
postgresql-plpython3
10.23-1.module+el8.7.0+20896+16771be9
postgresql-pltcl
10.23-1.module+el8.7.0+20896+16771be9
postgresql-server
10.23-1.module+el8.7.0+20896+16771be9
postgresql-server-devel
10.23-1.module+el8.7.0+20896+16771be9
postgresql-static
10.23-1.module+el8.7.0+20896+16771be9
postgresql-test
10.23-1.module+el8.7.0+20896+16771be9
postgresql-test-rpm-macros
10.23-1.module+el8.7.0+20896+16771be9
postgresql-upgrade
10.23-1.module+el8.7.0+20896+16771be9
postgresql-upgrade-devel
10.23-1.module+el8.7.0+20896+16771be9
Oracle Linux x86_64
Module postgresql:10 is enabled
postgresql
10.23-1.module+el8.7.0+20896+16771be9
postgresql-contrib
10.23-1.module+el8.7.0+20896+16771be9
postgresql-docs
10.23-1.module+el8.7.0+20896+16771be9
postgresql-plperl
10.23-1.module+el8.7.0+20896+16771be9
postgresql-plpython3
10.23-1.module+el8.7.0+20896+16771be9
postgresql-pltcl
10.23-1.module+el8.7.0+20896+16771be9
postgresql-server
10.23-1.module+el8.7.0+20896+16771be9
postgresql-server-devel
10.23-1.module+el8.7.0+20896+16771be9
postgresql-static
10.23-1.module+el8.7.0+20896+16771be9
postgresql-test
10.23-1.module+el8.7.0+20896+16771be9
postgresql-test-rpm-macros
10.23-1.module+el8.7.0+20896+16771be9
postgresql-upgrade
10.23-1.module+el8.7.0+20896+16771be9
postgresql-upgrade-devel
10.23-1.module+el8.7.0+20896+16771be9
Связанные CVE
Связанные уязвимости
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
A vulnerability was found in PostgreSQL. This attack requires permissi ...