postgresql:13 security update

エラータID: AXSA:2022-2993:01

Release date: 
Thursday, January 20, 2022 - 08:20
Subject: 
postgresql:13 security update
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: postgresql (13.5).

Security Fix(es):

* postgresql: memory disclosure in certain queries (CVE-2021-3677)
* postgresql: server processes unencrypted bytes from man-in-the-middle (CVE-2021-23214)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-23214
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2021-3677
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Modularity name: postgresql
Stream name: 13

Solution: 

Update packages.

CVEs: 
CVE-2021-23214
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2021-3677
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Additional Info: 

N/A

Download: 

SRPMS
  1. pgaudit-1.5.0-1.module+el8+1372+771d780c.src.rpm
    MD5: 8e8c589914c81e20ad1fe3c7b00192ce
    SHA-256: 6ca86748fdbb9bcec36abf0c6265e1ce6455fc7a209bc0f12565cb517f3a181f
    Size: 42.62 kB
  2. pg_repack-1.4.6-3.module+el8+1372+771d780c.src.rpm
    MD5: f37a73ba7d97ac9add345a88c030685d
    SHA-256: 1b21cfd4fb4d9e4df4c85fde7afa1f4a593d2b4a6043a5a8a5c2ae18ea2db0ba
    Size: 101.01 kB
  3. postgres-decoderbufs-0.10.0-2.module+el8+1372+771d780c.src.rpm
    MD5: 4848ecc32e195bcb1c70ccb12ee02a02
    SHA-256: c68c127ad7578dd3b3297a5aa72e4573f1ce81ff88fdbcfe6d602639fb38943c
    Size: 21.15 kB
  4. postgresql-13.5-1.module+el8+1372+771d780c.src.rpm
    MD5: 54adbe3088580bfc532c9113f97f69ac
    SHA-256: e298c1568d6237605a7ec43fd209ec9f5e09d16eafdb94dc5f51b233f1f25f0d
    Size: 47.76 MB

Asianux Server 8 for x86_64
  1. pgaudit-1.5.0-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 3d829eba0e3ef15acc0380e4e0026dc2
    SHA-256: 143b2f47502d7893871b81c5340523ed40b0746a4e8537f7abc9834bd51e2ee1
    Size: 27.03 kB
  2. pgaudit-debugsource-1.5.0-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 170cc8cbe61824b075091aa6d4299e82
    SHA-256: 0e77d6e0ef2585b559968e851e9cc5852ab9a9406cf6850701669d48994b25e2
    Size: 22.82 kB
  3. pg_repack-1.4.6-3.module+el8+1372+771d780c.x86_64.rpm
    MD5: 6ff505a1ef431ef99dcd795efdcc8507
    SHA-256: 8baf3d84421e085429f27d10c1575db613ad8ee02b6f0de3ec76651cd56c014e
    Size: 89.55 kB
  4. pg_repack-debugsource-1.4.6-3.module+el8+1372+771d780c.x86_64.rpm
    MD5: a913baff4cceb92217bb061459c97464
    SHA-256: 4fdf57afc49b3d510581a045ba09f8cf134e963c472ea5363cbba5be97abd55a
    Size: 49.70 kB
  5. postgres-decoderbufs-0.10.0-2.module+el8+1372+771d780c.x86_64.rpm
    MD5: 93fb35d8de52e845b2172a958e3e01ee
    SHA-256: e8befd22e88204e65c46ef040620e8fcbe36ea9d03977ef04ff770428692acc2
    Size: 21.89 kB
  6. postgres-decoderbufs-debugsource-0.10.0-2.module+el8+1372+771d780c.x86_64.rpm
    MD5: a1b5705beab95fb87fc8abbbd0f0b023
    SHA-256: 13a4efc788516a16a05e6fbbdf1d9111b37b74702b7565004bb18d43eb0e51e7
    Size: 16.82 kB
  7. postgresql-plpython3-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 886dd39901c808019691ffd5113fb834
    SHA-256: 4368aea7131995f17342d3bb6a5ed2f80dd325bc8a55ca00fb575d57b78f339b
    Size: 127.38 kB
  8. postgresql-test-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: a080c9bab147f1be3db7df331e950aed
    SHA-256: 42ee8e81800fe69cd465a120ffb1823271d091ba904bc50260ea575ffa929fb4
    Size: 2.00 MB
  9. postgresql-contrib-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 5d591a21e12f1189c312875116a34ff9
    SHA-256: 34d77d9eb5017306be0836f370c5bce14f75a3f9c52b5634ef2c4ffd0577e117
    Size: 875.58 kB
  10. postgresql-docs-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: e142251fa856123f40be01af9c9c4c4f
    SHA-256: 5e0f3de4f92913c2085c064c9b1251859c4a6f1ab1b202497b36bed809065ffe
    Size: 9.62 MB
  11. postgresql-debugsource-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: ee42d34daf26154a6a752004875c20b7
    SHA-256: f0f3089ca737261cd0d3b084535090247d6079b30654f2e100ed9cf5c57b1634
    Size: 17.53 MB
  12. postgresql-plperl-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 638808dd70753bec1065d48e4f1f5645
    SHA-256: 74efdd31b09798338d6f0168f2c7f9cc44376edf4b882b680b9afc324ebcca56
    Size: 111.51 kB
  13. postgresql-static-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: d17e941bcc2188e265db15c9f82692ba
    SHA-256: 5c42f3c827842605ea8650b3eda0ec0a4d6e086f5b311f681931d4647d4692e0
    Size: 187.34 kB
  14. postgresql-upgrade-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 50262caaec4a5ec0d2b65af6356bdaf2
    SHA-256: 928f3ca8c920b42780029679634ef476334f3a6e7d477cf06ae84f458cff6321
    Size: 4.37 MB
  15. postgresql-pltcl-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 0dc795ce565ca971d30d7c2accb7a5cc
    SHA-256: e6ebd188ad556e52c9fd6bba95c2da95d30bfe6fd560442e170377ed9fa53930
    Size: 84.30 kB
  16. postgresql-upgrade-devel-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: a8676caff0da651c67217910d532b447
    SHA-256: 4677e76cdcf774599ea85809990d5f113ae77ff2db8c0177c5712f93457ec4c4
    Size: 1.10 MB
  17. postgresql-server-devel-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 8f02a51e0449cb26e276b055bcbe7335
    SHA-256: 3045600b746d187fee60aa5eed8c91dc794acdb723418f23a3b10b3dbd83bbda
    Size: 1.18 MB
  18. postgresql-test-rpm-macros-13.5-1.module+el8+1372+771d780c.noarch.rpm
    MD5: 3bfae3c4ef797446beba0864802181fa
    SHA-256: a84a85c7b50550c1eae1605aa2c4c43556ea5fb9903d8c9af08ee85505d8c38b
    Size: 51.91 kB
  19. postgresql-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 49fb15596b424d87c316880da7190eb6
    SHA-256: 2e0def1775dfe93049477e984c1c88f2c4b91abbade28367a43cd10337d185e3
    Size: 1.54 MB
  20. postgresql-server-13.5-1.module+el8+1372+771d780c.x86_64.rpm
    MD5: 216a63265df29c520f06ea50cedc6627
    SHA-256: ad2585960e828225a7e450dcc600b8aa9d24eb284ecb6b5b0b6eea4d743bf0e5
    Size: 5.63 MB