RHSA-2020:5620-01 -- Redhat pgaudit, postgres-decoderbufs, postgresqlID: oval:org.secpod.oval:def:505248 | Date: (C)2021-01-22 (M)2024-05-24 |
Class: PATCH | Family: unix |
PostgreSQL is an advanced object-relational database management system . The following packages have been upgraded to a later upstream version: postgresql . Security Fix: * postgresql: Reconnection can downgrade connection security settings * postgresql: Multiple features escape security restricted operation sandbox * postgresql: Uncontrolled search path element in logical replication * postgresql: Uncontrolled search path element in CREATE EXTENSION * postgresql: psql"s \gset allows overwriting specially treated variables * postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 8 |
Product: |
pgaudit |
postgres-decoderbufs |
postgresql |