Description:
PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs to access a PostgreSQL database.
Security Fix(es):
* postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692)
This update introduces a backwards incompatible change required to resolve this issue. Refer to the AlmaLinux Knowledgebase article 5266441 linked to in the References section for information on how to re-enable the old insecure behavior.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture |
Package |
Checksum |
noarch |
postgresql-jdbc-42.2.3-3.el8_2.noarch.rpm |
97a79db09495b644e54310081b5c39e99227954fe9257a09d2a62fa73eed0d11 |
noarch |
postgresql-jdbc-javadoc-42.2.3-3.el8_2.noarch.rpm |
a51d515c23ce42598eb0f91cf473542e405596a86109f90f5df329786adc572e |