postgresql-jdbc-42.2.3-3.el8
エラータID: AXSA:2020-847:03
Release date:
Monday, November 2, 2020 - 10:18
Subject:
postgresql-jdbc-42.2.3-3.el8
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database.
Security Fix(es):
* postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-13692
PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.
Solution:
Update packages.
CVEs:
Additional Info:
N/A
Download:
SRPMS
- postgresql-jdbc-42.2.3-3.el8.src.rpm
MD5: f540f89e3563601cbddc8dffabee335e
SHA-256: 3ff76b68132b861f83b570054289ebbb39a024152774c1d9e64a6545002469a5
Size: 1.35 MB
Asianux Server 8 for x86_64
- postgresql-jdbc-42.2.3-3.el8.noarch.rpm
MD5: 6c6060009c4118056fda336560ad4e73
SHA-256: 714f208bfcc45678e87c9e72cc8500bbbebbd701d3e4f3600bf8218fcb93ec13
Size: 708.61 kB - postgresql-jdbc-javadoc-42.2.3-3.el8.noarch.rpm
MD5: a242704a5114700cb78a627e4a645c9e
SHA-256: a8830b85967d0b6535052c683cd346c6904e1c4d7a75ba8117fa869d65c3ea4f
Size: 624.66 kB