postgresql-13.7-1.el9
エラータID: AXSA:2022-3975:03
リリース日:
2022/11/02 Wednesday - 06:40
題名:
postgresql-13.7-1.el9
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- PostgreSQL の Autovacuum 機能、REINDEX・CREATE INDEX・REFRESH
MATERIALIZED VIEW・CLUSTER の各 SQL 文、および pg_amcheck コマンド
には、オブジェクト保護機能に問題があるため、少なくとも一つ以上の
オブジェクトに書き込み権限を持つ攻撃者により、 任意の SQL 文の
実行を可能とする脆弱性が存在します。(CVE-2022-1552)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-1552
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.
追加情報:
N/A
ダウンロード:
SRPMS
- postgresql-13.7-1.el9.src.rpm
MD5: 1bec71a9a0e71e7d1681b21151bb7cde
SHA-256: b26d4c6bdf1e98b978ef9ed788875d8ca43c4f4296a426017e5c78a50afb53e2
Size: 48.11 MB
Asianux Server 9 for x86_64
- postgresql-13.7-1.el9.x86_64.rpm
MD5: e880e1d705f9a8e9291977a2e336c2d8
SHA-256: f4fd82907d1303fc1a3587018769fb842df48f49ba0e2e21a733e08b91868dac
Size: 1.53 MB - postgresql-contrib-13.7-1.el9.x86_64.rpm
MD5: 573b03dc749a8763b78f921644f4166d
SHA-256: c3f66d329401147e02dae7fca2b5c99d35b2a4f3c99fb71c37602a89083deb6c
Size: 810.87 kB - postgresql-plperl-13.7-1.el9.x86_64.rpm
MD5: 7fb477c792f792263b43e82059b32e42
SHA-256: 1ceafaf28ebfa84cf6889edc769a11effc7184adca032c67879ebba4d15f90a2
Size: 70.86 kB - postgresql-plpython3-13.7-1.el9.x86_64.rpm
MD5: 2a1d6c9d09f89a3f7de2a44ed9803c09
SHA-256: ed3e6c9a6ab2be27de205133106711fb9ad5812b916761af7849841238a78612
Size: 91.68 kB - postgresql-pltcl-13.7-1.el9.x86_64.rpm
MD5: 612c0945d962b3b4d0e7305caed0e4cb
SHA-256: f14f8bd28dc6b2492fef0b712c56a33ff21944749ff9e2148c98eb6943e5a86c
Size: 46.41 kB - postgresql-private-devel-13.7-1.el9.x86_64.rpm
MD5: 94e4fa81626453e8436ac1b4316988a0
SHA-256: d3dbeb2e836a442b7c3fea81d7b9139e9a4c910c0f6971ddb14f54ad712ccbb9
Size: 60.75 kB - postgresql-private-libs-13.7-1.el9.x86_64.rpm
MD5: 6cfffb0b855bc8ec69f2714cfedd324f
SHA-256: 4205f7fd6f501e840bf2862c7340181519e09a004f1325eb7e334f1f4cdfb590
Size: 135.79 kB - postgresql-server-13.7-1.el9.x86_64.rpm
MD5: ac1b3be4b13f10c43e433a5819f6717a
SHA-256: 82b693f8d73188bb3045dcfad75bcede9d17944a27a600817948a1120b7a2c8b
Size: 5.74 MB - postgresql-server-devel-13.7-1.el9.x86_64.rpm
MD5: cda972df156b88bf80045854450f2e06
SHA-256: ca80438216473148d474dffacdac70408e49f53c547e22e1712fd029399e6361
Size: 1.11 MB - postgresql-test-13.7-1.el9.x86_64.rpm
MD5: 7d05e2fc09fd56e3d5aac4b3cdfee562
SHA-256: c4f63060fc1516b68899fdb47468e968e857e48299a400f0b0386b856f4e4113
Size: 1.41 MB - postgresql-upgrade-13.7-1.el9.x86_64.rpm
MD5: 6c2889266560747fb8051d2fc6a793b0
SHA-256: 1694895a4fd163a5d46514446ec8978ba85feeaa0b37fd89ce69da60383b0c89
Size: 4.56 MB
English