ALSA-2024:10791

[ALSA-2024:10791] Important: postgresql security update

Type:

security

Severity:

important

Release date:

2024-12-05

Description:

PostgreSQL is an advanced object-relational database management system (DBMS).  

Security Fix(es):  

  * postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID (CVE-2024-10978)
  * postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code (CVE-2024-10979)
  * postgresql: PostgreSQL row security below e.g. subqueries disregards user ID changes (CVE-2024-10976)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	postgresql-contrib-13.18-1.el9_5.aarch64.rpm	0193d597daeddd92214034eb2225106a4f7db17a1599df25cdf6a9d66dcbf129
aarch64	postgresql-test-13.18-1.el9_5.aarch64.rpm	09feba60fc3b06c9916bf08c0ab27489a398e5bc2aa8218577908358b0bd6dc7
aarch64	postgresql-server-devel-13.18-1.el9_5.aarch64.rpm	18a89cb000c97f59b199e59413854fb8a563ce7042a691b833618b9e63eab4d5
aarch64	postgresql-private-devel-13.18-1.el9_5.aarch64.rpm	341a95e4dd23b615e6f65f9695c22f79cd769750630ad6f90ca7f815769cb26b
aarch64	postgresql-private-libs-13.18-1.el9_5.aarch64.rpm	37ba97d8b53e08d3da6e77112266092333c1fe7216cdf04e1a26ba7751ccd57e
aarch64	postgresql-pltcl-13.18-1.el9_5.aarch64.rpm	4216bb0483d50b976587a09a0c1bc1fca902e2ae3d614607794477684aaae0fd
aarch64	postgresql-plperl-13.18-1.el9_5.aarch64.rpm	4b48aa2b177f2ce943b6018a9898e2872627c3584732b291e5c12458aecb2775
aarch64	postgresql-13.18-1.el9_5.aarch64.rpm	4d811012a62653a34dad49fb8dc38f7fe7fcfa8c1919c8a02760ec56f9433036
aarch64	postgresql-static-13.18-1.el9_5.aarch64.rpm	58e9eaa3de9cad83742f55e2cd5226816b74df5ee40e753570bbb3edb4471be1
aarch64	postgresql-plpython3-13.18-1.el9_5.aarch64.rpm	67cd87dfd5ca6cd6cfe12c5682dd9f880de3cad868a515f22ef6fd64a716a1dc
aarch64	postgresql-docs-13.18-1.el9_5.aarch64.rpm	69f8f8b417c7c08643314ef9a2b4ec3594e9e567159eb08e16c7ebdd603739f0
aarch64	postgresql-server-13.18-1.el9_5.aarch64.rpm	a8c68a035e67ce9f3454da7441de9017eeabea423cad03df923926614b679121
aarch64	postgresql-upgrade-13.18-1.el9_5.aarch64.rpm	ba0027f25a8365c86dd44c5e273e7835fd84ec0c3f565c3630cc69481c57545e
aarch64	postgresql-upgrade-devel-13.18-1.el9_5.aarch64.rpm	dd616b8d09384809183d04679c04c9c52c3f9b6e9f80b8546596850dfd87e187
noarch	postgresql-test-rpm-macros-13.18-1.el9_5.noarch.rpm	8e7546673e90d6d2cf20b6956f17bd1e184001032394a5fb82dfcd5ef8e622ee
ppc64le	postgresql-private-libs-13.18-1.el9_5.ppc64le.rpm	01bd8e071abd2de0dd1d12475086e2bc29201c69a8e9140a48ab75ac86007505
ppc64le	postgresql-server-devel-13.18-1.el9_5.ppc64le.rpm	2ffcd898d7e5d556a7fcad732a929891793484da5bdfeebe18d93ee6c0223bda
ppc64le	postgresql-static-13.18-1.el9_5.ppc64le.rpm	30242853b25e40c3887c5649f25ebcb9bfb0dd9f46852869671a92353cdb5d7e
ppc64le	postgresql-pltcl-13.18-1.el9_5.ppc64le.rpm	5642f63b9d92f1879033366172e9aaa6e3eb724a8d7254427a1be80d938349e6
ppc64le	postgresql-plperl-13.18-1.el9_5.ppc64le.rpm	6874afcf96f9e42d9f6ba3a772de2607f52766df02e493ab457b776437eef478
ppc64le	postgresql-upgrade-devel-13.18-1.el9_5.ppc64le.rpm	753c7555a44815ece542f481265c5bd1e1479576f1dfe133fba4de9cd2930214
ppc64le	postgresql-docs-13.18-1.el9_5.ppc64le.rpm	885d1de57aaf9a69feadee45d2e83190fae7d30dd87dc22359ddb1f815c0206c
ppc64le	postgresql-server-13.18-1.el9_5.ppc64le.rpm	8af25fe167a3baa820b2f6a2b97de9672be33f8fa9024cca297dfc2934471441
ppc64le	postgresql-contrib-13.18-1.el9_5.ppc64le.rpm	9393001da39e914aac57926e047abc12648d0c5eaddef75bd7512f5fa17686be
ppc64le	postgresql-test-13.18-1.el9_5.ppc64le.rpm	a7a5b0534be629258447e2c9001c2a01c9f46fceb8aa04ae22b9d0db9438861a
ppc64le	postgresql-13.18-1.el9_5.ppc64le.rpm	bb7602d376b2574c00f34174a7895c70500f10f0d0eb6d583390805097666dc3
ppc64le	postgresql-private-devel-13.18-1.el9_5.ppc64le.rpm	bf38ccd1b8be0855c6f2fb73e73c0c0d9a52a92360e41808fe71569215e3a286
ppc64le	postgresql-upgrade-13.18-1.el9_5.ppc64le.rpm	d5b0cb82ff0988e0c3b8cad9e4d149f5096d3ed52850d748e46a1ae798dfc58d
ppc64le	postgresql-plpython3-13.18-1.el9_5.ppc64le.rpm	ee714b2f5c5cf322934c55065bc25004caeabf98c563f092c1c9afe3270ba0bb
s390x	postgresql-server-devel-13.18-1.el9_5.s390x.rpm	0ce6c80044679be8fa58951a296638ee82e94a406b5f14025556104298d93761
s390x	postgresql-static-13.18-1.el9_5.s390x.rpm	1a15480f15fbd090446c6f8d432d0e44048f2c5a986d06b56f7cd2b486476cd8
s390x	postgresql-private-devel-13.18-1.el9_5.s390x.rpm	4c570cdb43d27d988847ddfb3d71f52fc54ec84b27876d5591381b18b1194a3f
s390x	postgresql-upgrade-13.18-1.el9_5.s390x.rpm	6637a8dbc5615c3b84b301ef37b0287d3564672e4e59f5c5befb643984ca798f
s390x	postgresql-upgrade-devel-13.18-1.el9_5.s390x.rpm	75d71c57236ff3ba202e56afbe4392a395fb47b7fe62029eb0e7ade690215efb
s390x	postgresql-docs-13.18-1.el9_5.s390x.rpm	8b99b0432f1344751ac1dd700d3885f9af33eb3a609400512cdb82c2e769692a
s390x	postgresql-contrib-13.18-1.el9_5.s390x.rpm	9ebb26485bdab766b7fca51df33a6687f163959a2fa36f62b9a3456a4586d5bd
s390x	postgresql-private-libs-13.18-1.el9_5.s390x.rpm	b2981a0c2c0f2b8c308efa70ba621c7111fba6b0a75b71a337d00e7a512eaf39
s390x	postgresql-plpython3-13.18-1.el9_5.s390x.rpm	b6b6534a618cf832c9e7803a6527e2ed614aa9972d00304d6d5ae5aa7886f689
s390x	postgresql-server-13.18-1.el9_5.s390x.rpm	bc65b191044c96562ccfe271c3185a76979a1fb679dfc32a84b6f04061ddc8b4
s390x	postgresql-pltcl-13.18-1.el9_5.s390x.rpm	cff2555d024832d7177e97d3821385c8b80ea26dd72a11549e93ffcf4b701acd
s390x	postgresql-plperl-13.18-1.el9_5.s390x.rpm	d3fda30944900d6fcb22305de42deb5b0834770fb01970014be58b8065c89fcd
s390x	postgresql-13.18-1.el9_5.s390x.rpm	e129e0c2f2588123e4f7afba26fcec8855783a27af1d1fb1113c70b38e61d3e5
s390x	postgresql-test-13.18-1.el9_5.s390x.rpm	ef5205daacfc5a7f100479e43649d2e6590794789e63ac754cf0b871e9fb86ec
x86_64	postgresql-13.18-1.el9_5.x86_64.rpm	42dbe5e784cde87793263a7f406f7488c7160e3218d595a241e901e36a8c9f07
x86_64	postgresql-upgrade-devel-13.18-1.el9_5.x86_64.rpm	66d1a4da38806f039f2b89a98d9aee231e2e8bc4317371c13160a842fffc35db
x86_64	postgresql-docs-13.18-1.el9_5.x86_64.rpm	781ea4f966d0b18b86b89511db399b723e347f45ecb1aa40d7882bd8f10334d5
x86_64	postgresql-private-devel-13.18-1.el9_5.x86_64.rpm	7cb99117e0357f089c699492bf607a70dec6c3b49486dd446824cc8c6c955bdc
x86_64	postgresql-plperl-13.18-1.el9_5.x86_64.rpm	7ea57ef0f23b5c4446ed506490326a130c22b264ea99add6c39f11440c5e2ee2
x86_64	postgresql-private-libs-13.18-1.el9_5.x86_64.rpm	8b6173ff3efe5cc08af1478fced7df03d11cf8e3403f59d767c546c7201d0062
x86_64	postgresql-plpython3-13.18-1.el9_5.x86_64.rpm	b20dfe4f067e213f94c7a501fe91e56f5771026c23b57a79484e4aa060dba469
x86_64	postgresql-static-13.18-1.el9_5.x86_64.rpm	b4ee588e7f502bff11a3a787519df29d9ecc177554ccc520757e3eec43c02e88
x86_64	postgresql-test-13.18-1.el9_5.x86_64.rpm	b838bb7b2262af1d00d4cf178d50fe987e07978ce6c154696504745e7a2c61c8
x86_64	postgresql-pltcl-13.18-1.el9_5.x86_64.rpm	c8e666feeabfe3071088c93982e98b3ce4f59f36194b2faa28664ec32267e8b4
x86_64	postgresql-upgrade-13.18-1.el9_5.x86_64.rpm	d42152525a804e707c825ccd2aa6472b8257dd313c38a9ce46c73532c38ae987
x86_64	postgresql-contrib-13.18-1.el9_5.x86_64.rpm	d9837d56d58b947f77b0af5ab98293fb5c034992424f05e9a13f66823bd137bc
x86_64	postgresql-server-devel-13.18-1.el9_5.x86_64.rpm	df2147f996515e9b69b29097423db0586ea2c3d3509933d8dff1759961d3b084
x86_64	postgresql-server-13.18-1.el9_5.x86_64.rpm	f3ce43ccbb0ffdda6e8e425717b54b85183b01802a48b9085ae5f4a2bf3fd342

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.