postgresql:12 security update
エラータID: AXSA:2022-3790:01
PostgreSQL is an advanced object-relational database management system (DBMS).
The following packages have been upgraded to a later upstream version: postgresql (12.11).
Security Fix(es):
* postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox (CVE-2022-1552)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-1552
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Modularity name: postgresql
Stream name: 12
Update packages.
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
N/A
SRPMS
- pgaudit-1.4.0-5.module+el8+1512+e8c6d66c.src.rpm
MD5: 75890a9722610322787404d6087ff6be
SHA-256: f00eb7758836b85b9bc73e04b341fe59c0aa32f0719f41c9d6918faf79537dbd
Size: 42.07 kB - pg_repack-1.4.6-3.module+el8+1512+e8c6d66c.src.rpm
MD5: 75fef706428687f8bb78466fb8d4fa4c
SHA-256: 040b061afe6ed46f3e61dbc83e4ff26c82a6893e004cb09869e49b9dc0adfd69
Size: 100.99 kB - postgres-decoderbufs-0.10.0-2.module+el8+1512+e8c6d66c.src.rpm
MD5: d952b401c12c87d24c39ae3bdc3e1127
SHA-256: d4613849f68e65c44d7079ef2178a8bbf67b7646d807ab72c0cc110b0ab8afa0
Size: 21.13 kB - postgresql-12.11-2.module+el8+1512+e8c6d66c.ML.1.src.rpm
MD5: 3e0d354807f49737968043e6ae32a9ff
SHA-256: e20729b784a80b0397ab4b753466820d77519ec6fd2c5f0131b74ba6cdae203d
Size: 46.29 MB
Asianux Server 8 for x86_64
- pgaudit-1.4.0-5.module+el8+1512+e8c6d66c.x86_64.rpm
MD5: 86c6e14797da1ae60bf2de79fae1fbe8
SHA-256: b9cecf3ff0641fad0cb8f002b3fbc86fa258311074345ab4190571d969937a32
Size: 26.89 kB - pgaudit-debugsource-1.4.0-5.module+el8+1512+e8c6d66c.x86_64.rpm
MD5: 188cb95cb5b82b5f2cd4119362de01c2
SHA-256: ca0f0bd7df9a360d00a801c105e49ff227734ab68f98a7d72dc933e5e25e2958
Size: 22.80 kB - pg_repack-1.4.6-3.module+el8+1512+e8c6d66c.x86_64.rpm
MD5: 1432099b97d45e97b1de15c284bb5a21
SHA-256: 241119fc78cee96b17d3fec09fcb6aa1a026419688f934588cebc5b9bf21429f
Size: 89.16 kB - pg_repack-debugsource-1.4.6-3.module+el8+1512+e8c6d66c.x86_64.rpm
MD5: 9b327321228c786edd12291e3e0228ea
SHA-256: 543b6c3bf4c70926f4738c10eb80030833483fbe6c6e78bdd47058245a3f7ceb
Size: 49.69 kB - postgres-decoderbufs-0.10.0-2.module+el8+1512+e8c6d66c.x86_64.rpm
MD5: 8e9da9485aeebeaa0e5e77c9468d93ab
SHA-256: fcca56e036fb13ae80d4479bcb4d03069ffe32ea97293f70d40c79b21d6075a5
Size: 21.83 kB - postgres-decoderbufs-debugsource-0.10.0-2.module+el8+1512+e8c6d66c.x86_64.rpm
MD5: 85ca9d79deb37074d1315ab3309e2890
SHA-256: 9febbc06711cb0f6e69de9bb873bea029a606405943a2bfe6045fd40aead71f0
Size: 16.81 kB - postgresql-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 661f42f0f1a21d13187affaed2ace0fb
SHA-256: 3adcf6827ef7710ed04f669c352517c0a7822578a57dd32d9a6ec32a8521aeab
Size: 1.50 MB - postgresql-contrib-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 16f7ce01b9db1a53fbd4716fd1cee7a1
SHA-256: 37bb3bf33e1f4aa9aac984f1a5b852e40d680647afa278bf89c33e94e600f33a
Size: 869.26 kB - postgresql-debugsource-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 73f084856a5278394ac2f73c187f1272
SHA-256: 059d282d070a8d7810c64132c5c59f4a80f520c01d64a249f6d3784d71a06685
Size: 16.92 MB - postgresql-docs-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: e4e1217c1e7b93138294c479f944dfb4
SHA-256: 45b259a3cd8b2db50a6bfecfcb89746f84365e642832a192c7d28cf08819891a
Size: 9.64 MB - postgresql-plperl-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: e58526f41f4ab467b1029554af5ed761
SHA-256: c6af3524c892da9389b562892868418fc9061a227516c77668ced855f790e0b9
Size: 109.19 kB - postgresql-plpython3-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 9950835245a6173e961e83d0ef39b6da
SHA-256: b8f0c2ed75e5a360f5d3de839308a0c401aec4fdc95f0ba7e2660295d1d9b24c
Size: 128.74 kB - postgresql-pltcl-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: ad85c9b9f99c24ff7e70b70bfc5e6c3c
SHA-256: e4f3ea5a269434f354a326c390c39361a9c991b1128992a1c40216ffeb32d7eb
Size: 84.79 kB - postgresql-server-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 25bebad82428142bb7a30dd8d30fefdf
SHA-256: 0baf02b0f184acecb34a8edd67c03402dbacbc485a051e6d4a1ec12a863727ff
Size: 5.57 MB - postgresql-server-devel-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 8474250215f3946b45c27e5e7b6f30a0
SHA-256: e1d50b7eb92b44cf61cd713425acaa1053b99b0b7b68e5b32a1b1d8019f4b2a6
Size: 1.22 MB - postgresql-static-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 7ecb40e5c630882ccee71162856f882b
SHA-256: dd73a1e355216f06439730f069490c8ef79fd4df2ca08909b03281fa435e2854
Size: 167.06 kB - postgresql-test-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 0dcc2880afa0631603e82fbb7cd66c90
SHA-256: 07d1e6b686d377fda0d9d37ca8bda75b66485f23301ca566fca265e1ceda2f49
Size: 1.93 MB - postgresql-test-rpm-macros-12.11-2.module+el8+1512+e8c6d66c.ML.1.noarch.rpm
MD5: b7996a2acb4553b8bcb1d820d1fbb900
SHA-256: ca8acd3bf0a0bc5c9eda808b61b7e8679a5726648844c9ce5ed4b2ae523bfa72
Size: 52.64 kB - postgresql-upgrade-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 87c75dfe4ba6a11a80a2ecf6359c614a
SHA-256: d2a2d65f74a42a6b8c34a56c5016fe4abaf1a02fab4843e20afa9df7971d3696
Size: 4.07 MB - postgresql-upgrade-devel-12.11-2.module+el8+1512+e8c6d66c.ML.1.x86_64.rpm
MD5: 7e05366c42413b14833f278695866f43
SHA-256: 41f9892c23f2e4ba0d3b86ef69856b5b28543eaec6e1b9215c0f805f6876be29
Size: 1.13 MB