Download
| Alert*
oval:org.secpod.oval:def:508150
PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:3301912 Security update for postgresql15 oval:org.secpod.oval:def:92534 postgresql-15: Object-relational SQL database - postgresql-14: Object-relational SQL database - postgresql-12: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:89049281 This update for postgresql15 fixes the following issues: * Update to 15.4 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions. * CVE-2023-39418: Fix MERGE to enforce row security oval:org.secpod.oval:def:19500472 While CVE-2016-2193 fixed most interaction between row security and user ID changes, it missed a scenario involving function inlining. This leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then execut ... oval:org.secpod.oval:def:93839 The host is installed with PostgreSQL 15.x before 15.4 and is prone to an unspecified vulnerability. A flaw is present in the application which fails to properly handle the MERGE command. Successful exploitation allows attackers to store rows that are forbidden by UPDATE and SELECT policies and not ... oval:org.secpod.oval:def:95389 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:2600470 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:508028 PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:612798 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:1507203 pgaudit pg_repack postgres-decoderbufs postgresql [15.5-1] - update to 15.5 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 Resolves: RHEL-16100, RHEL-16124, RHEL-16139 oval:org.secpod.oval:def:1507231 pgaudit [1.7.0-1] - Update to 1.7.0 - Support postgresql 15 - Related: #2128241 [1.5.0-1] - Update to version 1.5.0 Related: #1855776 pg_repack [1.4.8-1] - Update to version 1.4.8 - Postgresql 15 is supported - Related: #2128241 [1.4.6-4] - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rh ... oval:org.secpod.oval:def:1507353 pgaudit pg_repack postgres-decoderbufs postgresql [15.6-1] - update to 15.6 - Fixes CVE-2024-0985 [15.5-1] - update to 15.5 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 Resolves: RHEL-16100, RHEL-16124, RHEL-16139 [15.3-1] - update to 15.3 - Fixes CVE-2023- ... oval:org.secpod.oval:def:89049279 This update for postgresql15 fixes the following issues: * Update to 15.4 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions. * CVE-2023-39418: Fix MERGE to enforce row security oval:org.secpod.oval:def:2501292 PostgreSQL is an advanced object-relational database management system . |