Download
| Alert*
oval:org.secpod.oval:def:506630
PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql12-postgresql . Security Fix: * postgresql: memory disclosure in certain queries * postgresql: server processes unencrypted bytes from man-in- ... oval:org.secpod.oval:def:506629 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql13-postgresql . Security Fix: * postgresql: memory disclosure in certain queries * postgresql: server processes unencrypted bytes from man-in- ... oval:org.secpod.oval:def:506931 The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fix: * postgresql: libpq processes unencrypted bytes from man-in-the-middle For more details about the security issue, including the impact, a CVSS score, acknowledgment ... oval:org.secpod.oval:def:89045796 This update for postgresql10 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake . oval:org.secpod.oval:def:89045831 This update for postgresql10 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake . oval:org.secpod.oval:def:89045770 This update for postgresql96 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake . oval:org.secpod.oval:def:89045771 This update for postgresql12 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake . oval:org.secpod.oval:def:89045778 This update for postgresql, postgresql13 and postgresql14 fixes the following issues: Security issues fixed: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshak ... oval:org.secpod.oval:def:121383 pgbouncer is a lightweight connection pooler for PostgreSQL and uses libevent for low-level socket handling. oval:org.secpod.oval:def:88321 Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks. oval:org.secpod.oval:def:605681 Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks. oval:org.secpod.oval:def:89047284 This update for postgresql13 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake . oval:org.secpod.oval:def:605679 Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks. oval:org.secpod.oval:def:76595 postgresql-13: Object-relational SQL database - postgresql-12: Object-relational SQL database - postgresql-10: Object-relational SQL database PostgreSQL could allow unintended access to network services. oval:org.secpod.oval:def:76571 Jacob Champion discovered two vulnerabilities in the PostgreSQL database system, which could result in man-in-the-middle attacks. oval:org.secpod.oval:def:89049457 This update for postgresql12 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake . oval:org.secpod.oval:def:89047311 This update for postgresql14 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake . - Let rpmlint ignore shlib-policy-name-error . oval:org.secpod.oval:def:706217 postgresql-13: Object-relational SQL database - postgresql-12: Object-relational SQL database - postgresql-10: Object-relational SQL database PostgreSQL could allow unintended access to network services. oval:org.secpod.oval:def:4501065 The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fix: * postgresql: libpq processes unencrypted bytes from man-in-the-middle For more details about the security issue, including the impact, a CVSS score, acknowledgment ... oval:org.secpod.oval:def:2500687 The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. oval:org.secpod.oval:def:1505666 [13.5-1] - Rebase to 13.5 Resolves: #2023294 oval:org.secpod.oval:def:89046930 This update for postgresql12 fixes the following issues: - Upgrade to 12.12: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension . - Upgrade to 12.11: - CVE-2022-1552: Confined additional operations within security restricted operation sandbo ... oval:org.secpod.oval:def:89046910 This update for postgresql10 fixes the following issues: - Upgrade to 10.22: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension . - Upgrade to 10.21: - CVE-2022-1552: Confined additional operations within security restricted operation sandbo ... oval:org.secpod.oval:def:1701700 A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not ... oval:org.secpod.oval:def:1701751 A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not ... oval:org.secpod.oval:def:1701794 A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not ... oval:org.secpod.oval:def:1702182 A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption oval:org.secpod.oval:def:1702179 A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption |