Download
| Alert*
oval:org.secpod.oval:def:89002990
This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension . oval:org.secpod.oval:def:62032 postgresql-11: Object-relational SQL database - postgresql-10: Object-relational SQL database PostgreSQL could allow unintended access to the database. oval:org.secpod.oval:def:89003026 This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension . oval:org.secpod.oval:def:61771 Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks. oval:org.secpod.oval:def:89002866 This update for postgresql10 and postgresql12 fixes the following issues: postgresql10 was updated to 10.13 . https://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/10/release-10-13.html postgresql10 was updated to 10.12 - https://www.postgresql.org/about/news/2011/ - https://w ... oval:org.secpod.oval:def:62156 The host is installed with PostgreSQL 9.x before 9.6.17, 10.x before 10.12 and 11.x before 11.7 or 12.x before 12.2 and is prone to a database corruption vulnerability. A flaw is present in the application which fails to handle an authorization check issue in PostgreSQL's "ALTER ... DEPENDS ON EXTEN ... oval:org.secpod.oval:def:505092 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql10-postgresql . Security Fix: * PostgreSQL: stack-based buffer overflow via setting a password * PostgreSQL: ALTER ... DEPENDS ON EXTENSION is ... oval:org.secpod.oval:def:505200 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql12-postgresql . Security Fix: * postgresql: Uncontrolled search path element in logical replication * postgresql: Uncontrolled search path ele ... oval:org.secpod.oval:def:505248 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Reconnection can downgrade connection security settings * postgresql: Multiple features escape security restricted ... oval:org.secpod.oval:def:505253 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Reconnection can downgrade connection security settings * postgresql: Multiple features escape security restricted ... oval:org.secpod.oval:def:504987 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql96-postgresql . Security Fix: * postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution * postgresql: Uncontroll ... oval:org.secpod.oval:def:66574 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Stack-based buffer overflow via setting a password * postgresql: TYPE in pg_temp executes arbitrary SQL during SEC ... oval:org.secpod.oval:def:89050409 This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension . oval:org.secpod.oval:def:1601201 PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this t ... oval:org.secpod.oval:def:69804 Tom Lane discovered that ALTER ... DEPENDS ON EXTENSION sub commands in the PostgreSQL database did not perform authorisation checks. oval:org.secpod.oval:def:89000614 This update for postgresql96 fixes the following issues: PostgreSQL was updated to version 9.6.17. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension . oval:org.secpod.oval:def:1503032 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69633 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Reconnection can downgrade connection security settings * postgresql: Multiple features escape security restricted ... oval:org.secpod.oval:def:69632 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Reconnection can downgrade connection security settings * postgresql: Multiple features escape security restricted ... oval:org.secpod.oval:def:1504988 [10.15-1] - Rebase to upstream release 10.15 Resolves: CVE-2020-25695 Resolves: CVE-2020-25694 Resolves: CVE-2020-25696 [10.14-1] - Rebase to upstream release 10.14 https://www.postgresql.org/docs/10/release-10-14.html [10.12-2] - Filter provides RHBZ#1719549 [10.12-1] - Rebase to upstream version 1 ... oval:org.secpod.oval:def:705388 postgresql-11: Object-relational SQL database - postgresql-10: Object-relational SQL database PostgreSQL could allow unintended access to the database. oval:org.secpod.oval:def:604747 Tom Lane discovered that quot;ALTER ... DEPENDS ON EXTENSIONquot; sub commands in the PostgreSQL database did not perform authorisation checks. oval:org.secpod.oval:def:604746 Tom Lane discovered that ALTER ... DEPENDS ON EXTENSION sub commands in the PostgreSQL database did not perform authorisation checks. oval:org.secpod.oval:def:504281 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Stack-based buffer overflow via setting a password * postgresql: TYPE in pg_temp executes arbitrary SQL during SEC ... oval:org.secpod.oval:def:1503160 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1503163 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500083 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:2500148 PostgreSQL is an advanced object-relational database management system . |