Download
| Alert*
|
oval:org.secpod.oval:def:89043537
This update for postgresql12 fixes the following issues: Upgrade to version 12.6: - Reindexing might be needed after applying this update. - CVE-2021-3393, bsc#1182040: Fix information leakage in constraint-violation error messages. oval:org.secpod.oval:def:70383 postgresql-12: Object-relational SQL database PostgreSQL could be made to expose sensitive information. oval:org.secpod.oval:def:89002815 This update for postgresql13 fixes the following issues: Upgrade to version 13.2: - Updating stored views and reindexing might be needed after applying this update. - CVE-2021-3393, bsc#1182040: Fix information leakage in constraint-violation error messages. - CVE-2021-20229, bsc#1182039: Fix failur ... oval:org.secpod.oval:def:1801863 A security issue was found in PostgreSQL 11 to 13 before version 13.2. A user having an UPDATE privilege on a partitioned table but lacking the SELECT privilege on some column may be able to acquire denied-column values from an error message. This is similar to CVE-2014-8161, but the conditions to e ... oval:org.secpod.oval:def:506222 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: rh-postgresql12-postgresql . Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory discl ... oval:org.secpod.oval:def:506218 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT . ... oval:org.secpod.oval:def:89044397 This update for postgresql12 fixes the following issues: - Upgrade to version 12.7: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations . - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists . - CVE-2021-32029: Fixed possibly- ... oval:org.secpod.oval:def:705897 postgresql-12: Object-relational SQL database PostgreSQL could be made to expose sensitive information. oval:org.secpod.oval:def:89049449 This update for postgresql13 fixes the following issues: Upgrade to version 13.2: * Updating stored views and reindexing might be needed after applying this update. * CVE-2021-3393, bsc#1182040: Fix information leakage in constraint-violation error messages. * CVE-2021-20229, bsc#1182039: Fix failur ... oval:org.secpod.oval:def:89049547 This update for postgresql12 fixes the following issues: Upgrade to version 12.6: - Reindexing might be needed after applying this update. - CVE-2021-3393, bsc#1182040: Fix information leakage in constraint-violation error messages. oval:org.secpod.oval:def:87209 The host is installed with PostgreSQL 11.x before 11.11, 12.x before 12.6 or 13.x before 13.2 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to handle a user having UPDATE permission but not SELECT permission. Successful exploitation allows ... oval:org.secpod.oval:def:4500041 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ... oval:org.secpod.oval:def:73646 PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql Security Fix: * postgresql: Buffer overrun from integer overflow in array subscripting calculations * postgresql: Memory disclosure in INSERT . ... oval:org.secpod.oval:def:2500483 PostgreSQL is an advanced object-relational database management system . oval:org.secpod.oval:def:1701725 A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. ... oval:org.secpod.oval:def:1504973 pgaudit [1.4.0-6] - Fix build requires [1.4.0-5] - Fix build requires postgresql [12.7-1] - Update to 12.7 Resolves: #1964510 Fix: CVE-2021-32027,CVE-2021-32028 |
