Download
| Alert*
oval:org.secpod.oval:def:506218
PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT . ... oval:org.secpod.oval:def:506216 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT ... oval:org.secpod.oval:def:89045526 This update for postgresql10 fixes the following issues: - Upgrade to version 10.17: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations . - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists . - Don"t use _stop_on_removal, be ... oval:org.secpod.oval:def:72081 Multiple security issues have been discovered in the PostgreSQL database system, which could result in the execution of arbitrary code or disclosure of memory content. oval:org.secpod.oval:def:89044398 This update for postgresql10 fixes the following issues: - Upgrade to version 10.17: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations . - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists . - Don"t use %_stop_on_removal, b ... oval:org.secpod.oval:def:89044397 This update for postgresql12 fixes the following issues: - Upgrade to version 12.7: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations . - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists . - CVE-2021-32029: Fixed possibly- ... oval:org.secpod.oval:def:506224 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql13-postgresql . Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory discl ... oval:org.secpod.oval:def:506223 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql10-postgresql . Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory discl ... oval:org.secpod.oval:def:506222 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql12-postgresql . Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory discl ... oval:org.secpod.oval:def:506204 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT ... oval:org.secpod.oval:def:506209 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT . ... oval:org.secpod.oval:def:89045695 This update for postgresql10 fixes the following issues: - Fix for build with llvm12 on s390x. - Re-enable "icu" for PostgreSQL 10. - Add postgresqlXX-server-devel as a dependency for postgresql13-server-devel. - Upgrade to version 10.18. Upgrade to version 10.17 : - CVE-2021-32027: Fixed intege ... oval:org.secpod.oval:def:89044382 This update for postgresql13 fixes the following issues: - Upgrade to version 13.3: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations . - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists . - CVE-2021-32029: Fixed possibly- ... oval:org.secpod.oval:def:87207 The host is installed with PostgreSQL 9.6.x before 9.6.22, 10.x before 10.17, 11.x before 11.12, 12.x before 12.7 or 13.x before 13.3 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to handle the INSERT ... ON CONFLICT ... DO UPDATE command o ... oval:org.secpod.oval:def:89049482 This update for postgresql12 fixes the following issues: Upgrade to version 12.7: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations . - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists . - CVE-2021-32029: Fixed possibly-in ... oval:org.secpod.oval:def:706028 postgresql-13: Object-relational SQL database - postgresql-12: Object-relational SQL database - Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:73429 postgresql-10: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:605525 Multiple security issues have been discovered in the PostgreSQL database system, which could result in the execution of arbitrary code or disclosure of memory content. oval:org.secpod.oval:def:73647 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT ... oval:org.secpod.oval:def:73646 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT . ... oval:org.secpod.oval:def:73426 postgresql-13: Object-relational SQL database - postgresql-12: Object-relational SQL database - Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:73641 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT . ... oval:org.secpod.oval:def:73642 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT ... oval:org.secpod.oval:def:4500076 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ... oval:org.secpod.oval:def:89049506 This update for postgresql10 fixes the following issues: - Upgrade to version 10.17: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations . - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists . - Don"t use %_stop_on_removal, b ... oval:org.secpod.oval:def:4500028 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ... oval:org.secpod.oval:def:89046930 This update for postgresql12 fixes the following issues: - Upgrade to 12.12: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension . - Upgrade to 12.11: - CVE-2022-1552: Confined additional operations within security restricted operation sandbo ... oval:org.secpod.oval:def:1701725 A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. ... oval:org.secpod.oval:def:1701647 A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. ... oval:org.secpod.oval:def:1504965 [9.6.22-1] - Rebase to 9.6.22 Resolves: #1964516 Fix: CVE-2021-32027, CVE-2021-32028 oval:org.secpod.oval:def:2500432 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:4500041 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ... oval:org.secpod.oval:def:4500025 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ... oval:org.secpod.oval:def:1701749 A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. ... oval:org.secpod.oval:def:1505083 [10.17-1] - Update to 10.17 Resolves: CVE-2021-32027 Also fixes: CVE-2021-32028 oval:org.secpod.oval:def:2500483 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:73187 postgresql-10: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:1504975 pgaudit [1.5.0-1] - Update to version 1.5.0 Related: #1855776 postgresql [13.3-1] - Update to 13.3 Resolves: #1966338 Fix: CVE-2021-32027,CVE-2021-32028,CVE-2021-32029 oval:org.secpod.oval:def:2500247 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:1504973 pgaudit [1.4.0-6] - Fix build requires [1.4.0-5] - Fix build requires postgresql [12.7-1] - Update to 12.7 Resolves: #1964510 Fix: CVE-2021-32027,CVE-2021-32028 oval:org.secpod.oval:def:89047176 This update for postgresql13 fixes the following issues: - Upgrade to version 13.3: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations . - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists . - CVE-2021-32029: Fixed possibly- ... oval:org.secpod.oval:def:2500364 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:1504956 [10.17-1] - Update to 10.17 Resolves: #1964520 Fix: CVE-2021-32027, CVE-2021-32028 |