Описание
ELSA-2024-6018: postgresql:13 security update (IMPORTANT)
pgaudit pg_repack postgres-decoderbufs postgresql [13.16-1]
- Update to 13.16
- Fix CVE-2024-7348
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module postgresql:13 is enabled
pg_repack
1.4.6-3.module+el8.9.0+90098+1560b6c2
pgaudit
1.5.0-1.module+el8.9.0+90098+1560b6c2
postgres-decoderbufs
0.10.0-2.module+el8.9.0+90098+1560b6c2
postgresql
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-contrib
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-docs
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-plperl
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-plpython3
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-pltcl
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-server
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-server-devel
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-static
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-test
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-test-rpm-macros
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-upgrade
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-upgrade-devel
13.16-1.module+el8.10.0+90398+791f18a8
Oracle Linux x86_64
Module postgresql:13 is enabled
pg_repack
1.4.6-3.module+el8.9.0+90098+1560b6c2
pgaudit
1.5.0-1.module+el8.9.0+90098+1560b6c2
postgres-decoderbufs
0.10.0-2.module+el8.9.0+90098+1560b6c2
postgresql
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-contrib
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-docs
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-plperl
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-plpython3
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-pltcl
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-server
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-server-devel
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-static
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-test
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-test-rpm-macros
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-upgrade
13.16-1.module+el8.10.0+90398+791f18a8
postgresql-upgrade-devel
13.16-1.module+el8.10.0+90398+791f18a8
Связанные CVE
Связанные уязвимости
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in Postgr ...