RLSA-2021:2360

Опубликовано: 09 июн. 2021

Источник: rocky

Оценка: Important

Описание

Important: postgresql:9.6 security update

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: postgresql (9.6.22)

Security Fix(es):

postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)
postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Наименование	Архитектура	Релиз	RPM
postgresql	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm
postgresql-contrib	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-contrib-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm
postgresql-docs	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-docs-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm
postgresql-plperl	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-plperl-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm
postgresql-plpython3	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-plpython3-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm
postgresql-pltcl	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-pltcl-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm
postgresql-server	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-server-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm
postgresql-server-devel	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-server-devel-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm
postgresql-static	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-static-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm
postgresql-test	x86_64	1.module+el8.5.0+687+7cd82e08	postgresql-test-9.6.22-1.module+el8.5.0+687+7cd82e08.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-32027

CVE-2021-32028

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=1956876
Red Hat - 1956876
https://bugzilla.redhat.com/show_bug.cgi?id=1956877
Red Hat - 1956877

Связанные уязвимости