Download
| Alert*
oval:org.secpod.oval:def:505060
PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql94-postgresql . Security Fix: * It was found that some selectivity estimation functions did not check user privileges before providing informa ... oval:org.secpod.oval:def:505342 PostgreSQL is an advanced object-relational database management system . Security Fix: * It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use th ... oval:org.secpod.oval:def:1800030 CVE-2017-7484: selectivity estimators bypass SELECT privilege checks; Fixed In Version: postgresql 9.4.12, postgresql 9.5.7, postgresql 9.6.3 oval:org.secpod.oval:def:505531 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql95-postgresql . Security Fix: * A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A ... oval:org.secpod.oval:def:504879 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql95-postgresql . Security Fix: * It was found that some selectivity estimation functions did not check user privileges before providing informa ... oval:org.secpod.oval:def:89044568 This update for postgresql94 to 9.4.12 fixes the following issues: Upstream changelogs: - https://www.postgresql.org/docs/9.4/static/release-9-4-12.html - https://www.postgresql.org/docs/9.4/static/release-9-4-11.html - https://www.postgresql.org/docs/9.4/static/release-9-4-10.html Security issues f ... oval:org.secpod.oval:def:89044792 This update for postgresql93 fixes the following issues: - bsc#1029547: Fix tests with timezone 2017a - CVE-2017-7486: Restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. - CVE-2017-7485: Recognize PGREQUIRESSL variable again. - CVE-2017-7484: Pr ... oval:org.secpod.oval:def:87202 The host is installed with PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7 or 9.6.x before 9.6.3 and is prone to a man-in-the-middle attack vulnerability. A flaw is present in the application fails to enforce a SSL/TLS connection to a PostgreSQL server by PGREQUIRESSL environ ... oval:org.secpod.oval:def:1600707 Selectivity estimators bypass SELECT privilege checksIt was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables ... oval:org.secpod.oval:def:602879 Several vulnerabilities have been found in the PostgreSQL database system: CVE-2017-7484 Robert Haas discovered that some selectivity estimators did not validate user privileges which could result in information disclosure. CVE-2017-7485 Daniel Gustafsson discovered that the PGREQUIRESSL environment ... oval:org.secpod.oval:def:1800481 CVE-2017-7484: selectivity estimators bypass SELECT privilege checks Fixed In Version postgresql 9.4.12, postgresql 9.5.7, postgresql 9.6.3 |