Download
| Alert*
oval:org.secpod.oval:def:508150
PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:708646 postgresql-15: Object-relational SQL database - postgresql-14: Object-relational SQL database - postgresql-12: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:508175 PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the C ... oval:org.secpod.oval:def:89051362 This update for postgresql, postgresql15, postgresql16 fixes the following issues: This update ships postgresql 16. Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknow ... oval:org.secpod.oval:def:89051125 This update for postgresql14 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value at runtime. This could result in disclosure o ... oval:org.secpod.oval:def:89051147 This update for postgresql, postgresql15, postgresql16 fixes the following issues: This update ships postgresql 16. Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknow ... oval:org.secpod.oval:def:89051104 This update for postgresql12 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value at runtime. This could result in disclosure o ... oval:org.secpod.oval:def:89051102 This update for postgresql, postgresql15, postgresql16 fixes the following issues: This update ships postgresql 16 . Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unkno ... oval:org.secpod.oval:def:2600470 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:1507195 [9.2.24-9] - Backport fix for CVE-2023-5869 oval:org.secpod.oval:def:96068 The host is installed with PostgreSQL 11.x before 11.22, 12.x before 12.17, 13.x before 13.13, 14.x before 14.10, 15.x before 15.5, or 16.x before 16.1 and is prone to an integer overflow vulnerability. A flaw is present in the application which fails to properly handle an issue during array modific ... oval:org.secpod.oval:def:508132 PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:508133 PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:19500559 Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirmed or ruled out via ... oval:org.secpod.oval:def:1507231 pgaudit [1.7.0-1] - Update to 1.7.0 - Support postgresql 15 - Related: #2128241 [1.5.0-1] - Update to version 1.5.0 Related: #1855776 pg_repack [1.4.8-1] - Update to version 1.4.8 - Postgresql 15 is supported - Related: #2128241 [1.4.6-4] - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rh ... oval:org.secpod.oval:def:4501516 PostgreSQL is an advanced object-relational database management system . Security Fix: * postgresql: Buffer overrun from integer overflow in array modification * postgresql: Memory disclosure in aggregate function calls * postgresql: extension script @substitutions@ within quoting allow SQL inject ... oval:org.secpod.oval:def:2501280 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:89051116 This update for postgresql13 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value at runtime. This could result in disclosure o ... oval:org.secpod.oval:def:1702074 Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirmed or ruled out via ... oval:org.secpod.oval:def:3302076 Security update for postgresql13 oval:org.secpod.oval:def:1702076 Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirmed or ruled out via ... oval:org.secpod.oval:def:1507219 pgaudit pg_repack postgres-decoderbufs postgresql oval:org.secpod.oval:def:89051114 This update for postgresql12 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value at runtime. This could result in disclosure o ... oval:org.secpod.oval:def:95389 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:95388 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:508028 PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification postgresql: Memory disclosure in aggregate function calls postgresql: extension script @substitutions@ within quoting allow SQL injection p ... oval:org.secpod.oval:def:2600462 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:508121 PostgreSQL is an advanced object-relational database management system . Security Fix: postgresql: Buffer overrun from integer overflow in array modification For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the C ... oval:org.secpod.oval:def:89051093 This update for postgresql14 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value at runtime. This could result in disclosure o ... oval:org.secpod.oval:def:206041 Security Fix: postgresql: Buffer overrun from integer overflow in array modification For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:1507182 pgaudit pg_repack postgres-decoderbufs postgresql [13.13-1.0.1] - Fixed postgresql port binding issue during bootup [Orabug: 35103668] [13.13-1] - Update to 13.13 - Fixes: CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 CVE-2023-39417 - Resolves: RHEL-16085 RHEL-16123 oval:org.secpod.oval:def:612798 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:1507203 pgaudit pg_repack postgres-decoderbufs postgresql [15.5-1] - update to 15.5 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 Resolves: RHEL-16100, RHEL-16124, RHEL-16139 oval:org.secpod.oval:def:1507205 [13.13-1.0.1] - Update to 13.13 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, and CVE-2023-39417 oval:org.secpod.oval:def:96782 postgresql-15: Object-relational SQL database - postgresql-14: Object-relational SQL database - postgresql-12: Object-relational SQL database Several security issues were fixed in PostgreSQL. oval:org.secpod.oval:def:1507222 [10.23-3.0.1] - Resolves: CVE-2023-5869 oval:org.secpod.oval:def:612797 Several vulnerabilities have been discovered in the PostgreSQL database system. CVE-2023-5868 Jingzhou Fu discovered a memory disclosure flaw in aggregate function calls. CVE-2023-5869 Pedro Gallegos reported integer overflow flaws resulting in buffer overflows in the array modification functions. C ... oval:org.secpod.oval:def:1702001 While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution. Missing overflow checks also let authenticated database users read a wide area of server memory. The CVE-2021-32027 fix ... oval:org.secpod.oval:def:2501290 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:1702068 While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution. Missing overflow checks also let authenticated database users read a wide area of server memory. The CVE-2021-32027 fix ... oval:org.secpod.oval:def:2501291 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:2501292 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:89051105 This update for postgresql13 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value at runtime. This could result in disclosure o ... oval:org.secpod.oval:def:1702066 Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirmed or ruled out via ... oval:org.secpod.oval:def:1507353 pgaudit pg_repack postgres-decoderbufs postgresql [15.6-1] - update to 15.6 - Fixes CVE-2024-0985 [15.5-1] - update to 15.5 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 Resolves: RHEL-16100, RHEL-16124, RHEL-16139 [15.3-1] - update to 15.3 - Fixes CVE-2023- ... oval:org.secpod.oval:def:1702322 While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution. Missing overflow checks also let authenticated database users read a wide area of server memory. The CVE-2021-32027 fix ... |