Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2022:1830

Опубликовано: 10 мая 2022
Источник: rocky
Оценка: SEVERITY_MODERATE

Описание

Moderate: postgresql:10 security update

PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream version: postgresql (10.19). (BZ#2023231) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
postgresqlx86_641.module+el8.6.0+802+f92d3c38postgresql-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm
postgresql-contribx86_641.module+el8.6.0+802+f92d3c38postgresql-contrib-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm
postgresql-docsx86_641.module+el8.6.0+802+f92d3c38postgresql-docs-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm
postgresql-plperlx86_641.module+el8.6.0+802+f92d3c38postgresql-plperl-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm
postgresql-plpython3x86_641.module+el8.6.0+802+f92d3c38postgresql-plpython3-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm
postgresql-pltclx86_641.module+el8.6.0+802+f92d3c38postgresql-pltcl-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm
postgresql-serverx86_641.module+el8.6.0+802+f92d3c38postgresql-server-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm
postgresql-server-develx86_641.module+el8.6.0+802+f92d3c38postgresql-server-devel-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm
postgresql-staticx86_641.module+el8.6.0+802+f92d3c38postgresql-static-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm
postgresql-testx86_641.module+el8.6.0+802+f92d3c38postgresql-test-10.19-1.module+el8.6.0+802+f92d3c38.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-23214

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2021-23214

CVSS3: 8.1
ubuntu
больше 3 лет назад

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.

redhat логотип

CVE-2021-23214

CVSS3: 8.1
redhat
больше 3 лет назад

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.

nvd логотип

CVE-2021-23214

CVSS3: 8.1
nvd
больше 3 лет назад

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.

msrc логотип

CVE-2021-23214

CVSS3: 8.1
msrc
больше 3 лет назад

Описание отсутствует

debian логотип

CVE-2021-23214

CVSS3: 8.1
debian
больше 3 лет назад

When the server is configured to use trust authentication with a clien ...