postgresql:12 security update
エラータID: AXSA:2022-3939:01
リリース日:
2022/10/27 Thursday - 00:15
題名:
postgresql:12 security update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- postgresql には、少なくとも 1 つのスキーマに一時的ではない
オブジェクトを作成する権限を持ったリモートの攻撃者により、
特権ユーザーを含めた他のユーザー権限で任意のコード実行を
可能とする脆弱性が存在します。(CVE-2022-2625)
Modularity name: postgresql
Stream name: 12
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-2625
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the object targeted in CREATE OR REPLACE or CREATE IF NOT EXISTS. Given all three prerequisites, this flaw allows an attacker to run arbitrary code as the victim role, which may be a superuser.
追加情報:
N/A
ダウンロード:
SRPMS
- pgaudit-1.4.0-5.module+el8+1536+a61fe1ae.src.rpm
MD5: fd4a14376ddb9677b3941e2a2450d900
SHA-256: 822938350add018cc66c45f35bc61014ea96845f8e2352ff6625905bc0405be8
Size: 42.07 kB - pg_repack-1.4.6-3.module+el8+1536+a61fe1ae.src.rpm
MD5: 88e9bfa28b5f79f8004fcfc0da2f6fb4
SHA-256: 86c9c3b454d355533d40f7d8145873c10d26330e0d7da10754c87c0d23b7901d
Size: 100.99 kB - postgres-decoderbufs-0.10.0-2.module+el8+1536+a61fe1ae.src.rpm
MD5: 7ab151fcd00825c850eee46323df97a1
SHA-256: e6c80b16bacc3e96e11e7516141542978269cf7c7f55f31c9609735f51598311
Size: 21.13 kB - postgresql-12.12-1.module+el8+1536+a61fe1ae.ML.1.src.rpm
MD5: d116425a48b92e53213868030e85ba00
SHA-256: e02d268409630057a16304ed376f822a55fa8fbefc047d931432fc0117c9ce66
Size: 46.31 MB
Asianux Server 8 for x86_64
- pgaudit-1.4.0-5.module+el8+1536+a61fe1ae.x86_64.rpm
MD5: 77c15fd7592a9da3f10135cb1a9e164d
SHA-256: 99d377fd0ec45048ea26729f4f08a1c443abb69ae2e57797676c244766435b2d
Size: 26.88 kB - pgaudit-debugsource-1.4.0-5.module+el8+1536+a61fe1ae.x86_64.rpm
MD5: 953d38a426686a52333601639da5a89f
SHA-256: deaf5c645e06f16631d44a22f750be15680795e5d9cfbb028d96fd79299dd05b
Size: 22.80 kB - pg_repack-1.4.6-3.module+el8+1536+a61fe1ae.x86_64.rpm
MD5: 84fc29750fdab986b10cc98c1a77b7be
SHA-256: 1c54bf4e156b0131a479dccf2c8452480f473382aad04f6073b33b3cf4c23149
Size: 89.14 kB - pg_repack-debugsource-1.4.6-3.module+el8+1536+a61fe1ae.x86_64.rpm
MD5: 73685c2ff5a977ff653390685bbde1bd
SHA-256: 549e891ad7c67edd58edb3beaa4c1d129f594903ab6391d8fd9c41d7727e164c
Size: 49.69 kB - postgres-decoderbufs-0.10.0-2.module+el8+1536+a61fe1ae.x86_64.rpm
MD5: aeeefc1268e4532778c861819df16051
SHA-256: bfa09aad34145ecd64d3ea27cd11b75cf4dba5e0b3e59416f7e49a91fe781aec
Size: 21.83 kB - postgres-decoderbufs-debugsource-0.10.0-2.module+el8+1536+a61fe1ae.x86_64.rpm
MD5: 2df94237a0cc88cb5a1dd886a5631e51
SHA-256: 772fc4b033939f505a6846f07dc49a549a0895fd7ac196e801947608f648a9f5
Size: 16.81 kB - postgresql-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: 7f945c2e23e3eec9cfeb41a706c9c8cb
SHA-256: 778a43b5e3df823013188443d9f6aead55feaf6fb45a3620aed0b23a3f3e2a19
Size: 1.49 MB - postgresql-contrib-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: 0b60c1ad0c450af304fa15492a3b359b
SHA-256: 2346db5b3ae63e68053f16e81089e353f45b7ffca6fd85a40f844b4980da44d2
Size: 869.51 kB - postgresql-debugsource-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: 385ef70df6b61f486bac974c7a25273f
SHA-256: 7c68b5566aa235d0e969eb9fb0245d9728b006edcd2ca55747422fbbd3396070
Size: 16.92 MB - postgresql-docs-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: 98a1adf217cc76615b41256500263146
SHA-256: ecaf54cc92fbd3e7838bd7ad80d635167e7b152ea20056626852af25dbf1c445
Size: 9.67 MB - postgresql-plperl-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: 7a9c159750804449df5a92c97c52a3dc
SHA-256: 0c3342af6dbda4fa52c9e6b4199f0dc18ea1adc95947cedd3454304632169c2f
Size: 109.28 kB - postgresql-plpython3-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: b9f054e4aad4dbc25d451aded252949d
SHA-256: fe767af654edec48c36a579edae097c45e7fbe8da651540c91f6cf93982991d5
Size: 128.97 kB - postgresql-pltcl-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: e0765184bd1094f7f0ff7dcfe1d65b21
SHA-256: 0bb7d066467983ba6c6c8e30c175a4be127b06360a80eedd326879ae519e4e3b
Size: 84.87 kB - postgresql-server-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: c4bf959ee778fe38ab1f09b6e7338328
SHA-256: 92e974705280753e8273ce7f7e7b0abaa0a2b527db260f865785c54a63e5c4f1
Size: 5.57 MB - postgresql-server-devel-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: 67228c1b7cc4972e0e8e852e3f868a6b
SHA-256: 5f3f4047da12ca6e44536c4be4217ca07465a5bbfaca61e03cc3329cc6783029
Size: 1.22 MB - postgresql-static-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: 054457ac12a7a07026a0cee61fb29116
SHA-256: f6fbc5e00691a4a0dd71a0de7699bcb9bbf4684df6538f469b488433a43362bc
Size: 167.11 kB - postgresql-test-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: ace00ee8f33d4856ef5fb5cf32b5ecde
SHA-256: 557f514c6c61f4f88d15be9236752889a6504a001165388f920633c3a277f4f1
Size: 1.93 MB - postgresql-test-rpm-macros-12.12-1.module+el8+1536+a61fe1ae.ML.1.noarch.rpm
MD5: 5a129476038b9963c1331c1511dfee84
SHA-256: 0dadae914e525888fb1a56d5900e28a2a79c30267c09b740adce19384c4f991a
Size: 52.74 kB - postgresql-upgrade-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: 47deb6e7685881954b18375832901fd3
SHA-256: 80d8805d7d71ff91218657089999394ac3397f8f9459306b6d79b9711cfe30ab
Size: 4.07 MB - postgresql-upgrade-devel-12.12-1.module+el8+1536+a61fe1ae.ML.1.x86_64.rpm
MD5: 7dcc442beb59741f78d31c5a258366f9
SHA-256: 689a6cdf3b471090d950c06b2a2a251ea9465943422acf7080cde00bf7edba8c
Size: 1.13 MB
English