postgresql-13.16-1.el9_4
エラータID: AXSA:2024-8734:04
PostgreSQL is an advanced object-relational database management system (DBMS).
Security Fix(es):
* postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE-2024-7348
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
Update packages.
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.
N/A
SRPMS
- postgresql-13.16-1.el9_4.src.rpm
MD5: 6e4cafa8f42dcf783947f1c1e95c2419
SHA-256: 06dfc15e9a67bca2425c48665b8ef9f8de94ebc9f8fdf1908951c11a400c3175
Size: 48.67 MB
Asianux Server 9 for x86_64
- postgresql-13.16-1.el9_4.x86_64.rpm
MD5: 3d953cf9d18499431cdb5be1c93cd4af
SHA-256: 7c15f1613644c7b2e28f86a2b7034741e07fc10fa925d733d57dc344477b2da0
Size: 1.58 MB - postgresql-contrib-13.16-1.el9_4.x86_64.rpm
MD5: 3ee1cdf167ae14ea66163ea7710f05ca
SHA-256: 81c591e99c9bff4ad657d1485a272a03c19a32b0d49ff176beb5c4bf5e73ad3d
Size: 890.85 kB - postgresql-docs-13.16-1.el9_4.x86_64.rpm
MD5: 62fe8f172012a8feddfca1965df3d4b7
SHA-256: b8d35aeca78f50bb99c583416aa51bad2438d21394b069c81074de2639eb04cd
Size: 9.56 MB - postgresql-plperl-13.16-1.el9_4.x86_64.rpm
MD5: d1c613680916a698fedb64a22c959436
SHA-256: 20774bb42de86f3ff5786b8623cac7157a78eaa39e3df66072e614e4c18bf9ec
Size: 73.91 kB - postgresql-plpython3-13.16-1.el9_4.x86_64.rpm
MD5: 5d613b87a91dbbc3e8c3a99286d52ffd
SHA-256: f76101eceadf2ac7a31b0e49951a3de46fc5452904f5388e57d92dfd09673482
Size: 93.26 kB - postgresql-pltcl-13.16-1.el9_4.x86_64.rpm
MD5: cd89aa764ab88d0854c2b6abcadbf56d
SHA-256: 7c25eaeafafe9a221b9c37d8b9426600c4aae341c96bb9d5d15433a19d8ba971
Size: 48.11 kB - postgresql-private-devel-13.16-1.el9_4.x86_64.rpm
MD5: d60a69a132885853203c64868a4183cf
SHA-256: f2d31e6d28dfb0b35005b81e945dda18938734dd2651d662bee2bc6d2e7a680a
Size: 62.21 kB - postgresql-private-libs-13.16-1.el9_4.x86_64.rpm
MD5: b297558719fdd4facf6fb2414a0853be
SHA-256: 3e1d7ae0f6955d64faa84e67c25be09e13723a101fe0df9e607a9d1ffdf7696d
Size: 136.21 kB - postgresql-server-13.16-1.el9_4.x86_64.rpm
MD5: 3dd2013f743e6b659e5396c680e9a76a
SHA-256: 4b317efe2c2a9c9b717ccd5e2452b6884cbc18d123d2a93139d41468ff28ee9d
Size: 5.76 MB - postgresql-server-devel-13.16-1.el9_4.x86_64.rpm
MD5: 253fbd03b575dcebf5a38273734d8f6e
SHA-256: 00d1c682f815fb45cc0eeecb908a81d410b49baea3098e438ef6e24bc640fb3b
Size: 1.30 MB - postgresql-static-13.16-1.el9_4.x86_64.rpm
MD5: 079c2432b91052863dad7385ea8d16f4
SHA-256: 762523f8fd3d5096347a8cd6291592138c80dcc57ce0c987bc22f6ce066f21bc
Size: 124.67 kB - postgresql-test-13.16-1.el9_4.x86_64.rpm
MD5: da47ced39e9fcfca1dc80bc2c7687658
SHA-256: 66c30c98e52a2bb591d61bc1b1cc9958a4c6da7c75aa50f1e7e456f6dd14d14a
Size: 1.53 MB - postgresql-upgrade-13.16-1.el9_4.x86_64.rpm
MD5: ff8a894faa8c73d80e8b2df91705de85
SHA-256: 16efb5e2713a023e02372cba2c6821762db5eeff0fb30dabe37d6148aced66c4
Size: 4.61 MB - postgresql-upgrade-devel-13.16-1.el9_4.x86_64.rpm
MD5: dcb83640399e44275eca7020b2396a50
SHA-256: 9637fbbffc94c0efd99f59a0f7f4d0cecb9fd553a0111c677d0039020873f946
Size: 1.20 MB
日本語