Описание
ELSA-2024-6000: postgresql:12 security update (IMPORTANT)
pgaudit pg_repack postgres-decoderbufs
postgresql [12.20-1]
- Update to 12.20
- Fix CVE-2024-7348
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module postgresql:12 is enabled
pg_repack
1.4.6-3.module+el8.9.0+90107+c48bae1a
pgaudit
1.4.0-7.module+el8.10.0+90397+67dad74f
postgres-decoderbufs
0.10.0-2.module+el8.9.0+90107+c48bae1a
postgresql
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-contrib
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-docs
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-plperl
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-plpython3
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-pltcl
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-server
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-server-devel
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-static
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-test
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-test-rpm-macros
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-upgrade
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-upgrade-devel
12.20-1.module+el8.10.0+90397+67dad74f
Oracle Linux x86_64
Module postgresql:12 is enabled
pg_repack
1.4.6-3.module+el8.9.0+90107+c48bae1a
pgaudit
1.4.0-7.module+el8.10.0+90397+67dad74f
postgres-decoderbufs
0.10.0-2.module+el8.9.0+90107+c48bae1a
postgresql
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-contrib
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-docs
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-plperl
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-plpython3
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-pltcl
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-server
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-server-devel
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-static
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-test
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-test-rpm-macros
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-upgrade
12.20-1.module+el8.10.0+90397+67dad74f
postgresql-upgrade-devel
12.20-1.module+el8.10.0+90397+67dad74f
Связанные CVE
Связанные уязвимости
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in Postgr ...