postgresql-9.2.24-9.el7

エラータID: AXSA:2023-6988:06

Release date: 
Thursday, December 14, 2023 - 05:13
Subject: 
postgresql-9.2.24-9.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array modification (CVE-2023-5869)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. postgresql-9.2.24-9.el7.src.rpm
    MD5: d0060bb7c327f7334276b862aa092624
    SHA-256: e3f03099a951868030cd04f6d31cd425df7f8cb5eb9fe50b7556e6323ddda91a
    Size: 35.99 MB

Asianux Server 7 for x86_64
  1. postgresql-9.2.24-9.el7.i686.rpm
    MD5: b3b33945252a44949c14b0cacfdc42e5
    SHA-256: 962ce0187b290c2c248065de5995887f7d06de5e8fe8c3031923429e91a4f00b
    Size: 3.02 MB
  2. postgresql-9.2.24-9.el7.x86_64.rpm
    MD5: bf407c66f0a57237ba9743a89b0b9b4e
    SHA-256: 071dfb700aeaa3459713096583e608740d0e1ad803106cad077922ab01cf4318
    Size: 3.03 MB
  3. postgresql-contrib-9.2.24-9.el7.x86_64.rpm
    MD5: 93090b85118be8a6e3d1a000a9f5fb2a
    SHA-256: 41ed30c1d055c21e03a8d338f893e50f0ef0a7301ab78710dc206390561f68cc
    Size: 551.82 kB
  4. postgresql-devel-9.2.24-9.el7.i686.rpm
    MD5: 800e5be824091f26960d0a11022526ab
    SHA-256: 8a91d50748f016b95d65b63d60f492f4519ba381e49e4bb72e123ab0ce136904
    Size: 955.19 kB
  5. postgresql-devel-9.2.24-9.el7.x86_64.rpm
    MD5: 99172ead4fa69038d4fb33e15e0585d3
    SHA-256: 388af554e044bb64063173755d753e75378c27430829252ec9641dfed4378a43
    Size: 960.87 kB
  6. postgresql-docs-9.2.24-9.el7.x86_64.rpm
    MD5: 8ec67ac7248162ce76dda9f80b1d5543
    SHA-256: ab86d889d98c16c1cb1c55b5b197d325504b617c2b31da465dbd7f798771bfd6
    Size: 6.87 MB
  7. postgresql-libs-9.2.24-9.el7.i686.rpm
    MD5: 4c87d18578d62fb309e8cbb8042e7ac9
    SHA-256: 8a67a671e0b48949f7e4147a4de0eed4c61603a1477342c74539e31c1195db42
    Size: 234.08 kB
  8. postgresql-libs-9.2.24-9.el7.x86_64.rpm
    MD5: 024e401ee77db12df669dc1482d3185d
    SHA-256: 28ee5f6a01e0d9facdb14a38faedf1a703bf9184b4a387afa9adef8deed9e590
    Size: 233.91 kB
  9. postgresql-plperl-9.2.24-9.el7.x86_64.rpm
    MD5: 35edff9be37233617e35ddb1e3fafb06
    SHA-256: 265aac7860becacf0951fb29df6ed49a2142dd4ec9e955fec5a804baa2bd9c35
    Size: 83.12 kB
  10. postgresql-plpython-9.2.24-9.el7.x86_64.rpm
    MD5: 04c9b383351d5dd4a8a3f6d49544db7e
    SHA-256: 99b12efcb1d510b5919364c08cc50572ec60a69d80793b9cdfd4310860134539
    Size: 96.03 kB
  11. postgresql-pltcl-9.2.24-9.el7.x86_64.rpm
    MD5: eec82708debc27d8461c16b5f81b2e46
    SHA-256: f1f9aee6c4a40e52c2d52c9ac344f420f7b4189c30ec8bc83306accbbb24340a
    Size: 59.33 kB
  12. postgresql-server-9.2.24-9.el7.x86_64.rpm
    MD5: 53f130c100d69a4cda4de640d2754fac
    SHA-256: 96a1c6bfa321221c3e4887075595c7c00754ec1f8057df187c68822ecb48bf2b
    Size: 3.82 MB
  13. postgresql-test-9.2.24-9.el7.x86_64.rpm
    MD5: 69da4d6c267341efedd822a66f4cc285
    SHA-256: 11d9705df370e45a514f81f2f6a81111f290ae2ccb63ae1645a49757620afc90
    Size: 1.76 MB