ALSA-2021:5236

[ALSA-2021:5236] Moderate: postgresql:13 security update

Type:

security

Severity:

moderate

Release date:

2021-12-22

Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: postgresql (13.5).

Security Fix(es):

* postgresql: memory disclosure in certain queries (CVE-2021-3677)

* postgresql: server processes unencrypted bytes from man-in-the-middle (CVE-2021-23214)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	pg_repack-1.4.6-3.module_el8.6.0+2758+4f4474df.aarch64.rpm	171b64e80f9cd7045800367f93bc0e088d4f5f3feb14e89f96e0a1fd9d94956c
aarch64	pgaudit-1.5.0-1.module_el8.6.0+2760+1746ec94.aarch64.rpm	5693432a162b3d47be77299991ed7dd77bc206427ce8f7442f27f6342a7502f3
aarch64	postgres-decoderbufs-0.10.0-2.module_el8.6.0+2758+4f4474df.aarch64.rpm	bf811155cf3657988a3d16afe45a7c73de068ad1a9b8a34d8f78d145ee445bee
noarch	postgresql-test-rpm-macros-13.5-1.module_el8.5.0+2607+8c0fd184.noarch.rpm	992a9242956faa660c1a505314fc65c55f5d8436397d74eedb721b7baf0b7502
ppc64le	postgres-decoderbufs-0.10.0-2.module_el8.6.0+2760+1746ec94.ppc64le.rpm	13cd44b926f28289bb0a5b01f74460112ef2a7b442da8131cb2586d4227ef755
ppc64le	pgaudit-1.5.0-1.module_el8.6.0+2760+1746ec94.ppc64le.rpm	69187c120a179f0153c3110e7c5dd4cd103e1c2bb0c9b4a0da8a16b85c3f3390
ppc64le	pg_repack-1.4.6-3.module_el8.6.0+2760+1746ec94.ppc64le.rpm	9a907ca1b9082a2da428045283c26d15f54bd5ed2179c1de36a53ae6b52c08bb
x86_64	postgresql-server-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	2506b00dcb1f1d553bfd61db52a1fa76222039c324e681dc7a5eaedb20692698
x86_64	postgresql-plperl-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	2ed9b2ff64c44028747f3764986f5713ab5a1a9f5e69dc4b38fe515626ff8fa6
x86_64	postgresql-static-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	316841756e5232304192377b126a92f31eb686e4fde46c22dfc18e4a7c68a5fe
x86_64	postgresql-contrib-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	4685d97a75289f9269b68b2540bd8343e21d9267f210b53ee020d248a5d25897
x86_64	postgres-decoderbufs-0.10.0-2.module_el8.5.0+2607+8c0fd184.x86_64.rpm	59962d9259ecd2c5962512cccfe58620f1c6dce91ff1bcbd4a470dad33bf4311
x86_64	postgresql-test-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	722671eb597b3bb1b05460706a3c034db48df503468aa02e1a3f8cf7b279dca6
x86_64	postgresql-upgrade-devel-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	916752c95932a52b149d15455f287f1010edd1351bf10860f33b6680afb104d4
x86_64	postgresql-pltcl-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	afa85322d3a40cbd3e5206482b84f87245e811f90cf592046c3126bb97b5d211
x86_64	postgresql-plpython3-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	c0c23f882bc60734793f66d28247c359493750a86188788f14ba31466c400d39
x86_64	pgaudit-1.5.0-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	cb5647e185ca31d351c9803216d7a14cf2c08bb53cd48acc86a0a61677ae5e4f
x86_64	postgresql-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	cf7231cdcfe28ae0f306f56aacf34434377cd0fa2e03da342a58d440cb2b30e3
x86_64	postgresql-server-devel-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	d0f8fe6d4867694e65e6cf5c8d9ad0b22060aacb98fd7e3c99f4c20113ea5a87
x86_64	pg_repack-1.4.6-3.module_el8.5.0+2607+8c0fd184.x86_64.rpm	d2e8d0a9b5f27a8e1e022bcb77196479915f50345ba315105ec6abe2eb11dec2
x86_64	postgresql-docs-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	dbaa1cfec7d7a70650fc6318b1900f9194da0c2935146c4a81386c6891efd3b4
x86_64	postgresql-upgrade-13.5-1.module_el8.5.0+2607+8c0fd184.x86_64.rpm	de86dd911ca555a317334c234d22122da37a1c8d9bb8fbc17f63867d9ca077c5

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.