rh-postgresql10-postgresql-10.6-1.el7

エラータID: AXSA:2019-3615:01

Release date:

Friday, February 15, 2019 - 14:28

Subject:

Affected Channels:

Asianux Server 7 for x86_64

Severity:

High

Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: rh-postgresql10-postgresql (10.6). (BZ#1649369)

Security Fix(es):

* postgresql: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER ... REFERENCING (CVE-2018-16850)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2018-16850
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.

Solution:

Update packages.

CVEs:

Additional Info:

N/A

Download:

SRPMS

rh-postgresql10-postgresql-10.6-1.el7.src.rpm
MD5: c33e24bfe575170c3d49c8a6f4e260a1
SHA-256: 8913f1187eb1dda237f1d035c5e23040d6c5f0858d852842564e1361c876f68e
Size: 29.11 MB

Asianux Server 7 for x86_64

rh-postgresql10-postgresql-10.6-1.el7.x86_64.rpm
MD5: 3067e790effe01c1747523ed19cd9c9f
SHA-256: 2bec4cd099befd28b767d79a8ff952feb65317e218c3a086e4a9002383cbc132
Size: 1.44 MB
rh-postgresql10-postgresql-contrib-10.6-1.el7.x86_64.rpm
MD5: 8492f4c2fa0e54118d7055654e5a53cf
SHA-256: 7484643ddfd50fa46404f222e57f8b78012f7870b14e3a5d8ffa7e76ea80ddb9
Size: 772.64 kB
rh-postgresql10-postgresql-contrib-syspaths-10.6-1.el7.x86_64.rpm
MD5: 91afd1457be44775676f6c4a01d9e624
SHA-256: fb1ab14ced13235a47252b58e235f64b3e93ee40c00000202b0e139641484886
Size: 40.45 kB
rh-postgresql10-postgresql-devel-10.6-1.el7.x86_64.rpm
MD5: f381063e1433aaec4384a897df6e3d94
SHA-256: 699f74beb20e171ac0d76b8e084b6ba012fcfaa93b6150a35800e6ad3fd624a5
Size: 1.29 MB
rh-postgresql10-postgresql-docs-10.6-1.el7.x86_64.rpm
MD5: 0d7e2d25a578102522c081b9d5f67e23
SHA-256: 8c53c955a1642c310d4986830b611f96bdc3ef9212237e742c44bf7c8c85a04a
Size: 11.85 MB
rh-postgresql10-postgresql-libs-10.6-1.el7.x86_64.rpm
MD5: 0692d77b4fe00443f9faa967a56d68d4
SHA-256: fb1fec179a0e88fc5377ee94836bd2e5ce12f0e42f41b4111f2445f0cbda5994
Size: 289.28 kB
rh-postgresql10-postgresql-plperl-10.6-1.el7.x86_64.rpm
MD5: df53d51a8be311b2e19c940a78d73233
SHA-256: d1b7d8ce752756c0b4489f1485e9d3c8eaefadebb296daa31fb5e6ced80bd5ee
Size: 89.52 kB
rh-postgresql10-postgresql-plpython-10.6-1.el7.x86_64.rpm
MD5: 5886e9b30048669baa1550cd3ef5b05b
SHA-256: adf7c8cf4846257618ad64516e5a50e518d9ae3f86c48a52403e717220c5f6cd
Size: 112.09 kB
rh-postgresql10-postgresql-pltcl-10.6-1.el7.x86_64.rpm
MD5: e5fc33dba1c7d802bfab7658860ebe66
SHA-256: b8b689b75f102546aa8f7bd2358607d93eb4d7ea3335de527fb03087aa79e09d
Size: 68.18 kB
rh-postgresql10-postgresql-server-10.6-1.el7.x86_64.rpm
MD5: d61364aabc7ff474ff65a8ee67040da4
SHA-256: 4a5ec170163dac11258d92054e6ca542970991d04d321eae2a41a3bebf35cc9c
Size: 4.88 MB
rh-postgresql10-postgresql-server-syspaths-10.6-1.el7.x86_64.rpm
MD5: fd6eabb924453db80090baf39a3ae0e2
SHA-256: db0e41e99db35f2ab8ba84bf899085eb9f46f4f5e55a140dbd611966dead99a6
Size: 41.93 kB
rh-postgresql10-postgresql-static-10.6-1.el7.x86_64.rpm
MD5: b9ea7f65bbf45943308e6511476dc85c
SHA-256: d61969568d5543e20823f9b4d0d6b7710b38a33dde987957b02cb94a87690975
Size: 103.37 kB
rh-postgresql10-postgresql-syspaths-10.6-1.el7.x86_64.rpm
MD5: ae330da973da05f803aec80ce6d7b325
SHA-256: 4231ae9b85d385231ec0be800bb16cbdc58af42fcc242fbf7d5d618c38e237ed
Size: 41.77 kB
rh-postgresql10-postgresql-test-10.6-1.el7.x86_64.rpm
MD5: 2848e9ecd90fbf314ad4af5999a77a54
SHA-256: 4620dc127a22d9df34e3d903588db114b0536c2fed73034ca79a771e901ca148
Size: 1.62 MB

Main menu

You are here

rh-postgresql10-postgresql-10.6-1.el7