Malware Devil: ESB-2021.2122 – [RedHat] postgresql: Multiple vulnerabilities

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.2122
postgresql security updates
15 June 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: postgresql
postgresql:12
postgresql:9.6
postgresql:10
rh-postgresql12-postgresql
rh-postgresql10-postgresql
rh-postgresql13-postgresql
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Execute Arbitrary Code/Commands — Existing Account
Access Confidential Data — Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-32029 CVE-2021-32028 CVE-2021-32027
CVE-2021-3393

Reference: ESB-2021.2100
ESB-2021.2071
ESB-2021.1881
ESB-2021.1845

Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:2389
https://access.redhat.com/errata/RHSA-2021:2390
https://access.redhat.com/errata/RHSA-2021:2391
https://access.redhat.com/errata/RHSA-2021:2392
https://access.redhat.com/errata/RHSA-2021:2393
https://access.redhat.com/errata/RHSA-2021:2394
https://access.redhat.com/errata/RHSA-2021:2395
https://access.redhat.com/errata/RHSA-2021:2396
https://access.redhat.com/errata/RHSA-2021:2397

Comment: This bulletin contains nine (9) Red Hat security advisories.

– ————————–BEGIN INCLUDED TEXT——————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: postgresql:12 security update
Advisory ID: RHSA-2021:2389-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2389
Issue date: 2021-06-14
CVE Names: CVE-2021-3393 CVE-2021-32027 CVE-2021-32028
CVE-2021-32029
=====================================================================

1. Summary:

An update for the postgresql:12 module is now available for Red Hat
Enterprise Linux 8.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) – aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (12.7)

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array subscripting
calculations (CVE-2021-32027)

* postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
(CVE-2021-32028)

* postgresql: Memory disclosure in partitioned-table UPDATE … RETURNING
(CVE-2021-32029)

* postgresql: Partition constraint violation errors leak values of denied
columns (CVE-2021-3393)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1924005 – CVE-2021-3393 postgresql: Partition constraint violation errors leak values of denied columns
1956876 – CVE-2021-32027 postgresql: Buffer overrun from integer overflow in array subscripting calculations
1956877 – CVE-2021-32028 postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
1956883 – CVE-2021-32029 postgresql: Memory disclosure in partitioned-table UPDATE … RETURNING

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.src.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.src.rpm
postgresql-12.7-1.module+el8.2.0+11251+7a3cc531.src.rpm

aarch64:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.aarch64.rpm
pgaudit-debuginfo-1.4.0-4.module+el8.2.0+9043+1dbb5661.aarch64.rpm
pgaudit-debugsource-1.4.0-4.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-contrib-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-contrib-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-debugsource-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-docs-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-docs-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-plperl-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-plperl-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-plpython3-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-plpython3-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-pltcl-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-pltcl-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-server-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-server-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-server-devel-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-server-devel-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-static-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-test-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-test-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-upgrade-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-upgrade-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-upgrade-devel-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm
postgresql-upgrade-devel-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.aarch64.rpm

noarch:
postgresql-test-rpm-macros-12.7-1.module+el8.2.0+11251+7a3cc531.noarch.rpm

ppc64le:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
pgaudit-debuginfo-1.4.0-4.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
pgaudit-debugsource-1.4.0-4.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-contrib-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-contrib-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-debugsource-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-docs-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-docs-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-plperl-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-plperl-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-plpython3-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-plpython3-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-pltcl-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-pltcl-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-server-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-server-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-server-devel-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-server-devel-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-static-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-test-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-test-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-upgrade-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-upgrade-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-upgrade-devel-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm
postgresql-upgrade-devel-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.ppc64le.rpm

s390x:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.s390x.rpm
pgaudit-debuginfo-1.4.0-4.module+el8.2.0+9043+1dbb5661.s390x.rpm
pgaudit-debugsource-1.4.0-4.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-contrib-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-contrib-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-debugsource-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-docs-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-docs-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-plperl-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-plperl-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-plpython3-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-plpython3-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-pltcl-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-pltcl-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-server-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-server-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-server-devel-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-server-devel-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-static-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-test-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-test-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-upgrade-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-upgrade-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-upgrade-devel-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm
postgresql-upgrade-devel-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.s390x.rpm

x86_64:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.x86_64.rpm
pgaudit-debuginfo-1.4.0-4.module+el8.2.0+9043+1dbb5661.x86_64.rpm
pgaudit-debugsource-1.4.0-4.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-contrib-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-contrib-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-debugsource-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-docs-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-docs-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-plperl-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-plperl-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-plpython3-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-plpython3-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-pltcl-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-pltcl-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-server-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-server-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-server-devel-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-server-devel-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-static-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-test-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-test-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-upgrade-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-upgrade-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-upgrade-devel-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm
postgresql-upgrade-devel-debuginfo-12.7-1.module+el8.2.0+11251+7a3cc531.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3393
https://access.redhat.com/security/cve/CVE-2021-32027
https://access.redhat.com/security/cve/CVE-2021-32028
https://access.redhat.com/security/cve/CVE-2021-32029
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

iQIVAwUBYMcZdtzjgjWX9erEAQi3Xg/+PXWPkpdASXaAjojsfybNq4TLQAe1pisY
el9BE1y4cvR7ehWyOpltqkc7t7QRDE8IsZCZIrfPJy1XdycXZdSuGxdspFsBCEQN
FMcYZLU/0xOO+z6ilHiCPC6BHX/Qu5tqD7TvtvER8k987E7g81H8FVwmCEpeag16
jyuCuYdTTmdhPmKsyNzsG407u0T0cbh6ecMVDjaKllWlpgpyZTEjxW2J6jJf4V5X
K11oMkiXWwpjEfdjVdhDT38qBGxQYAcCTpCPh9KUzJY1FoQEnlWxZa9jHb8Ev+q0
Fu18Kb1Zf92GemmTN15hYa/ktf85TaOJBWbmYcUPZn/G4JAZ5ZmrqNsTVaC//he+
awNCG97B8ecaUl/NzHSNO8vXE//7efUojMwbP8pRWumAg8BdX/ycZWE2zbOuHYEA
hihCibmDCLE2DJbrxteHF/fIQryE16AUOx4NH8UXj3ftI02m3n2JH4Pss0bSp8sp
YszXQ9RFSP+mIZv68pL+Qtnc2FPZBgsY2U0fuIt5vtnlcCTQD5o0Vp4jmRguV5/D
8Rc68toKoqKNeJIPXV85Zch/Gt2PpSo/um4SzdEaYiSDKLW48tI86oA6H/RlFjRL
Wwkdi2U5L/tO9glcx/AvPsI+IlsyCnfgw2SNV3VOYcwlrmor28eWxKIG3fIcND6X
nhW6hcr4YSk=
=6YhU
– —–END PGP SIGNATURE—–

– ——————————————————————————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: postgresql:10 security update
Advisory ID: RHSA-2021:2390-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2390
Issue date: 2021-06-14
CVE Names: CVE-2021-32027 CVE-2021-32028
=====================================================================

1. Summary:

An update for the postgresql:10 module is now available for Red Hat
Enterprise Linux 8.2 Extended Update Support.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) – aarch64, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (10.17)

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array subscripting
calculations (CVE-2021-32027)

* postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
(CVE-2021-32028)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:
postgresql-10.17-1.module+el8.2.0+11247+01f3c012.src.rpm

aarch64:
postgresql-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-contrib-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-contrib-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-debugsource-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-docs-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-docs-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-plperl-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-plperl-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-plpython3-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-plpython3-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-pltcl-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-pltcl-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-server-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-server-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-server-devel-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-server-devel-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-static-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-test-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-test-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-test-rpm-macros-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-upgrade-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-upgrade-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-upgrade-devel-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm
postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.aarch64.rpm

ppc64le:
postgresql-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-contrib-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-contrib-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-debugsource-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-docs-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-docs-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-plperl-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-plperl-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-plpython3-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-plpython3-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-pltcl-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-pltcl-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-server-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-server-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-server-devel-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-server-devel-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-static-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-test-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-test-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-test-rpm-macros-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-upgrade-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-upgrade-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-upgrade-devel-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm
postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.ppc64le.rpm

s390x:
postgresql-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-contrib-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-contrib-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-debugsource-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-docs-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-docs-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-plperl-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-plperl-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-plpython3-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-plpython3-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-pltcl-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-pltcl-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-server-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-server-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-server-devel-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-server-devel-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-static-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-test-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-test-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-test-rpm-macros-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-upgrade-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-upgrade-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-upgrade-devel-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm
postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.s390x.rpm

x86_64:
postgresql-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-contrib-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-contrib-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-debugsource-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-docs-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-docs-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-plperl-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-plperl-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-plpython3-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-plpython3-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-pltcl-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-pltcl-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-server-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-server-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-server-devel-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-server-devel-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-static-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-test-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-test-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-test-rpm-macros-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-upgrade-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-upgrade-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-upgrade-devel-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm
postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.2.0+11247+01f3c012.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-32027
https://access.redhat.com/security/cve/CVE-2021-32028
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

iQIVAwUBYMccg9zjgjWX9erEAQgFrRAApMH3xWzOWkB9eSKgoDJGOdi921x8l44D
WNuw6TZmWZuabiSHW7F/Y5fQhfUV9uhHzZ0NCOkBHbqxlzck55YhXKdfXuqc11gk
CSTAcR3gtGUC3duu5HAeqtgjDYCqZc7BBEdc3a6LmNDdO87t1a1Hq1eV9a5iotPR
Yv19Djb5xVmxWy8MaJShnuTBnHd/70XT1vnXvqTcKLk+LO19U0jh+PRrf8p2cLGR
tfhlC6Vs9c9TyLlrsWBtHTIi6u0cY8nKO8cloRySsquTedw2tF7FG3HPPh/zgDqg
xvqSZd/+o53b1kbagvaiRaefn3evNt2GvL75SGvMTc4MZH/e6SlQpVrwi7phTcwf
JWGeKvvMDMBA0Rinuqfr6sW3mchAbg8fgPvGXyQobs5pfBuvp+DvzT5fWZF8LvnA
YpqZNT/MXzLqAcgUi1Mv298Kr8vqFcLt8/LUlSfljLEq1zL5YTqxspPSoWicaVF5
25cSqbs9vsPM9oo8zGGs4i0cMdW/SWENs+xXO+LgYfYNkBXysqdOzfK7gCnuzo54
QFTUzlBrLPU9kvo3Fp1wtqcvfB0Q9XjDWuKBGznHb2FKUd1F+7cTjuuu+zZ42qpz
GSuAkDhbj64G6o9Bs6MlSaAsYGx3N2zB9PL/TdPRcr8ybxARYahS8yWVXqAvKRzA
fVrqzuz/0l8=
=FDzq
– —–END PGP SIGNATURE—–

– ——————————————————————————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: postgresql:9.6 security update
Advisory ID: RHSA-2021:2391-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2391
Issue date: 2021-06-14
CVE Names: CVE-2021-32027 CVE-2021-32028
=====================================================================

1. Summary:

An update for the postgresql:9.6 module is now available for Red Hat
Enterprise Linux 8.2 Extended Update Support.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) – aarch64, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (9.6.22)

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array subscripting
calculations (CVE-2021-32027)

* postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
(CVE-2021-32028)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:
postgresql-9.6.22-1.module+el8.2.0+11238+a7309cb6.src.rpm

aarch64:
postgresql-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-contrib-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-contrib-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-debugsource-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-docs-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-docs-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-plperl-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-plperl-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-plpython3-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-plpython3-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-pltcl-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-pltcl-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-server-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-server-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-server-devel-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-server-devel-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-static-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-test-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-test-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm
postgresql-test-rpm-macros-9.6.22-1.module+el8.2.0+11238+a7309cb6.aarch64.rpm

ppc64le:
postgresql-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-contrib-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-contrib-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-debugsource-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-docs-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-docs-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-plperl-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-plperl-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-plpython3-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-plpython3-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-pltcl-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-pltcl-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-server-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-server-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-server-devel-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-server-devel-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-static-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-test-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-test-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm
postgresql-test-rpm-macros-9.6.22-1.module+el8.2.0+11238+a7309cb6.ppc64le.rpm

s390x:
postgresql-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-contrib-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-contrib-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-debugsource-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-docs-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-docs-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-plperl-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-plperl-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-plpython3-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-plpython3-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-pltcl-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-pltcl-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-server-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-server-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-server-devel-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-server-devel-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-static-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-test-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-test-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm
postgresql-test-rpm-macros-9.6.22-1.module+el8.2.0+11238+a7309cb6.s390x.rpm

x86_64:
postgresql-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-contrib-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-contrib-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-debugsource-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-docs-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-docs-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-plperl-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-plperl-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-plpython3-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-plpython3-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-pltcl-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-pltcl-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-server-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-server-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-server-devel-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-server-devel-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-static-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-test-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-test-debuginfo-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm
postgresql-test-rpm-macros-9.6.22-1.module+el8.2.0+11238+a7309cb6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-32027
https://access.redhat.com/security/cve/CVE-2021-32028
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

iQIVAwUBYMcZktzjgjWX9erEAQijIQ//WuXLm2ykbyVrANnkBA0J/RoHjFaYnAVz
hjbSHnkSFGfZ0H94zv6FWGZiQgKTYdbi2lnNkSgrz57z1UC52RJbb0TxKqshUN1Q
GctHj7A2s22M8NuRdWwkeM2xyJZIlQfVPFNlM105DB90mmnTT/Fjnmnwk69uMx+t
yIU+i4LC4DXd037ad660fn/aH/h3YLZDVxrHIjl5yZ/BpQ/v5UHOjbtM+a5A8at3
WBUOh6nGnVI9Cm9s9EMnVeqSYOsa9MFWvlYwWDORgWgjWc0bfi8NfemHwLarGCsl
MN/fbG5U4XqfxPGcGMIyQEpWN8SbygJ6noDDbQZa4Vx20VI/QubNX3BxYJ6sU6K/
t/i8/2K481Rr4N1i8MRDtDlX9tP0CqCc9josOls2XZzJ4INCHcj6PAT/pqlTUwTP
3+O+DYp10m3YGqFtavOjktFR5b4DwiQ4hVL5yMUXqWr1x9G+jQ4nc6r/dXCSYIWj
rtiwfJjn7Xoow9Vv3uR4EOwPQn5la2x7goGqDnuVjR2S8x0IWab0FepTiG64LW4E
Cn5i9TMJG+p//eOZebAWy1nW2EDTtQKLmvsuI8QRCmtP4sClq9nPfs1UJSq0zliU
LXU4qMKPx6h6BqUF22UxjBQzaETwEHO6/ZPkp1W5zkrnhwclYurVvt14ji6qJT7H
74mB4F9cZXE=
=5rbN
– —–END PGP SIGNATURE—–

– ——————————————————————————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: postgresql:10 security update
Advisory ID: RHSA-2021:2392-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2392
Issue date: 2021-06-14
CVE Names: CVE-2021-32027 CVE-2021-32028
=====================================================================

1. Summary:

An update for the postgresql:10 module is now available for Red Hat
Enterprise Linux 8.1 Extended Update Support.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.1) – aarch64, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (10.17)

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array subscripting
calculations (CVE-2021-32027)

* postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
(CVE-2021-32028)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.1):

Source:
postgresql-10.17-1.module+el8.1.0+11246+8967ca4a.src.rpm

aarch64:
postgresql-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-contrib-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-contrib-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-debugsource-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-docs-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-docs-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-plperl-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-plperl-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-plpython3-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-plpython3-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-pltcl-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-pltcl-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-server-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-server-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-server-devel-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-server-devel-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-static-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-test-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-test-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-test-rpm-macros-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-upgrade-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-upgrade-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-upgrade-devel-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm
postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.aarch64.rpm

ppc64le:
postgresql-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-contrib-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-contrib-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-debugsource-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-docs-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-docs-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-plperl-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-plperl-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-plpython3-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-plpython3-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-pltcl-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-pltcl-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-server-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-server-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-server-devel-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-server-devel-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-static-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-test-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-test-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-test-rpm-macros-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-upgrade-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-upgrade-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-upgrade-devel-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm
postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.ppc64le.rpm

s390x:
postgresql-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-contrib-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-contrib-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-debugsource-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-docs-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-docs-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-plperl-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-plperl-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-plpython3-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-plpython3-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-pltcl-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-pltcl-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-server-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-server-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-server-devel-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-server-devel-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-static-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-test-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-test-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-test-rpm-macros-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-upgrade-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-upgrade-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-upgrade-devel-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm
postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.s390x.rpm

x86_64:
postgresql-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-contrib-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-contrib-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-debugsource-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-docs-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-docs-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-plperl-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-plperl-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-plpython3-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-plpython3-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-pltcl-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-pltcl-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-server-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-server-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-server-devel-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-server-devel-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-static-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-test-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-test-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-test-rpm-macros-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-upgrade-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-upgrade-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-upgrade-devel-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm
postgresql-upgrade-devel-debuginfo-10.17-1.module+el8.1.0+11246+8967ca4a.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-32027
https://access.redhat.com/security/cve/CVE-2021-32028
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

iQIVAwUBYMcJw9zjgjWX9erEAQhoTw//TrrztAkjBbOXAqXdWBk7WEB83q04kIsJ
OaseaVXYg768LlgTZvSgE7T3kGVfp2DMiJ4aA7maUcAr0OjvyoVd2P2+T3EPVA6R
mTkeYLgWOOs3qRj2W7ow9XeOjJ9lxx3cEPhpLsE7mraS7xLXFgT5yzjVTFKo8ttG
f8T7RPzJZJmrvGSAFgkNqYeMzBqL8eeBG/yDjgwwu+UeL1rJnhFFOjdDtfg7AQQl
xdL+6z39YqgKEggfRHVNJ9VVahqpdl9X88nGK7IaWeFmb+CJpa8NOZ5OlMIvRfYq
yI1zUzmEigIX9GmgaXsKjuNU2TCGo4i7XHR+tgsvBL+E0JqRVFH9KAkJ5WNtiWvr
s0kcO7/xO7XLjFpAboFLBnLWEczauHvL3BcYE2Sdmm5Hnc5Sb5p/JfkOu8k5pKIq
SKVdiw7WyWmxFsh54VfgN7sxh+PRjSORPrFAWVkZVFFj5j90HvYy6ovduo5XamBO
HFslPF2SnMXKQDXSIttIpsREPCa7AWE1PZ3eTVtdu6hl8cNk8rSdXpwpF5PRhAg+
PMWtWoaKOm5LQSxJpAkxwmhmb8MJ/V0KiRvL4X2OnpT7pHGh5mHPilf0p2JwW5vG
A4q3lDOMcI7ltfPEN7xYNqZNANrqqTBCiu19hGNo+0kVvaFwfyhfsOla4uxP/RtZ
QqSrD/VSu/Y=
=u7Ye
– —–END PGP SIGNATURE—–

– ——————————————————————————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: postgresql:9.6 security update
Advisory ID: RHSA-2021:2393-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2393
Issue date: 2021-06-14
CVE Names: CVE-2021-32027 CVE-2021-32028
=====================================================================

1. Summary:

An update for the postgresql:9.6 module is now available for Red Hat
Enterprise Linux 8.1 Extended Update Support.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.1) – aarch64, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (9.6.22)

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array subscripting
calculations (CVE-2021-32027)

* postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
(CVE-2021-32028)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.1):

Source:
postgresql-9.6.22-1.module+el8.1.0+11236+e0bc3a70.src.rpm

aarch64:
postgresql-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-contrib-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-contrib-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-debugsource-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-docs-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-docs-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-plperl-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-plperl-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-plpython3-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-plpython3-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-pltcl-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-pltcl-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-server-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-server-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-server-devel-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-server-devel-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-static-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-test-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-test-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm
postgresql-test-rpm-macros-9.6.22-1.module+el8.1.0+11236+e0bc3a70.aarch64.rpm

ppc64le:
postgresql-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-contrib-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-contrib-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-debugsource-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-docs-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-docs-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-plperl-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-plperl-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-plpython3-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-plpython3-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-pltcl-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-pltcl-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-server-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-server-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-server-devel-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-server-devel-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-static-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-test-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-test-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm
postgresql-test-rpm-macros-9.6.22-1.module+el8.1.0+11236+e0bc3a70.ppc64le.rpm

s390x:
postgresql-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-contrib-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-contrib-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-debugsource-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-docs-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-docs-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-plperl-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-plperl-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-plpython3-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-plpython3-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-pltcl-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-pltcl-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-server-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-server-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-server-devel-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-server-devel-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-static-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-test-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-test-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm
postgresql-test-rpm-macros-9.6.22-1.module+el8.1.0+11236+e0bc3a70.s390x.rpm

x86_64:
postgresql-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-contrib-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-contrib-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-debugsource-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-docs-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-docs-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-plperl-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-plperl-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-plpython3-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-plpython3-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-pltcl-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-pltcl-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-server-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-server-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-server-devel-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-server-devel-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-static-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-test-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-test-debuginfo-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm
postgresql-test-rpm-macros-9.6.22-1.module+el8.1.0+11236+e0bc3a70.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-32027
https://access.redhat.com/security/cve/CVE-2021-32028
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

iQIVAwUBYMcKs9zjgjWX9erEAQhgzw//RtMiOgvA6Du/IjsNzvVGW4aufUkaroen
2hiyFB4iSf08MpGlPmXHBUiW7eLTu+4OoQiRx/uoW+yGFDsWzbpG1vOJdJxaOoFJ
8f7Iuadgm0aT/WUF/aGAsBNgbZdm67/9QDfCSd7X9vrusKZkFoYxDWMxy+ZayODw
NIBiZMja1QFR+6SaxEJyW6BZSqbQUi+X8VOgSJhTE0FipQjWn9nf482jFulcnPsl
ZDc6nKyHHyhVN2N+HdaAA+RY57ahs6plAsQsUJ/1V1sIG3DrJYJ7s0IQ5gNUvCsi
pBOVu1ayi90E8N+oy594S8KiOhxMVcwkTSc8Wnun67KmrzbgyKSCRQTZUMy2Bapg
zVYzJLYf3EL+gYYxb5ZKBbn4tWv+BRkn+uoWRSvcXLcASgeOcUiBs/BpfL8qmnxq
VO3RUgjeDx+pATds6xDMsr5f2DlSrz2XogrztR46ULEpMOUl4g3f+LXObtMj04vh
vpyBYU9Le3hgG9SNBVWUllkPEAx4hYCwE1H6v2RZ1PJkSP5aWkMN1uEwKrT12MnB
h1L1anQV4oiIhzoGR8X/SMnppq81WJ/YlSUzeoIFMhryzoG2D/j6h6FCAd5ZXC9L
agVLqjHD4iu36451wgB+m0fLMQqQBHFMiq3+8I64SEkLrPAOtzud8qu2l2UOwJw/
tGLH/vaJQ7I=
=6z5E
– —–END PGP SIGNATURE—–

– ——————————————————————————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: rh-postgresql12-postgresql security update
Advisory ID: RHSA-2021:2394-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2394
Issue date: 2021-06-14
CVE Names: CVE-2021-3393 CVE-2021-32027 CVE-2021-32028
CVE-2021-32029
=====================================================================

1. Summary:

An update for rh-postgresql12-postgresql is now available for Red Hat
Software Collections.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) – ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) – ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) – x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
rh-postgresql12-postgresql (12.7).

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array subscripting
calculations (CVE-2021-32027)

* postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
(CVE-2021-32028)

* postgresql: Memory disclosure in partitioned-table UPDATE … RETURNING
(CVE-2021-32029)

* postgresql: Partition constraint violation errors leak values of denied
columns (CVE-2021-3393)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-postgresql12-postgresql-12.7-1.el7.src.rpm

ppc64le:
rh-postgresql12-postgresql-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-contrib-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-debuginfo-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-devel-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-docs-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-libs-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-plperl-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-plpython-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-pltcl-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-server-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-server-syspaths-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-static-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-syspaths-12.7-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-test-12.7-1.el7.ppc64le.rpm

s390x:
rh-postgresql12-postgresql-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-contrib-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-debuginfo-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-devel-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-docs-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-libs-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-plperl-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-plpython-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-pltcl-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-server-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-server-syspaths-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-static-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-syspaths-12.7-1.el7.s390x.rpm
rh-postgresql12-postgresql-test-12.7-1.el7.s390x.rpm

x86_64:
rh-postgresql12-postgresql-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-debuginfo-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-devel-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-docs-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-libs-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plperl-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plpython-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-pltcl-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-syspaths-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-static-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-syspaths-12.7-1.el7.x86_64.rpm
rh-postgresql12-postgresql-test-12.7-1.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
rh-postgresql12-postgresql-12.7-1.el7.src.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-postgresql12-postgresql-12.7-1.el7.src.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

iQIVAwUBYMce2tzjgjWX9erEAQhc0hAAoghTZw+E3vEWBoWFUqk0HMOwBbtVNac/
nJviFfeLH97nOIWxaUPnig+Rnw1/6h8QubZKzweKAy5fMUsNDPU5CGZSuWGmfDm1
cfXIsHYtxkXEU22cYLJOVkH+b4xt9j4mGfvLODm5sC+4Gruzl5MkYvv7OHTNHpu5
XMKkD0/9oK+Q5cJvfVHa1ygcdfSeB/hxdJkRevnCpaNiTFTLoUGYe20hAs4JQw2Q
sfMCRHP/CA6bbA552YZFRn7vDdjifRLlH7I5MPlAAJDAjMPoUiljpoI7jCWcD8B5
ZnVkzTvB2QW3YUgk8vbcAit+yNz0lTrZgGkSXdwZnXNUJ7BpwqDe/o3uzs/lZLsI
dcOjn3VlF2e4Q+fcmCVGoJrlOUM4JqiHxX9WWoAcgDOp/G83nIqyCw4iT0IJVvDL
TRkvenr081TCvnzbkZXhhmO/K6q/V0ozt6MtAHTp0/Rx3Ex/pmjR/SdxEOZcc350
u1qFsTyz6rOYO/SnZfotBe6vjxaMLd7VOMBSFBz0FWHrrW7gldPar3em4BgqBpJU
Fz/a5Ht4h1pnBNEnoVYRpQVfSYgINPaoTxqfXI5/X335ydmCYN4u9CPhQYzC25Pp
1FzXSD0oZR+hMjYsKUSy+qB+K8JjgYcfA3wtPB0eE/adXECldzU/9BG/ewjjLQEI
68mSyMaTIdA=
=U5YR
– —–END PGP SIGNATURE—–

– ——————————————————————————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: rh-postgresql10-postgresql security update
Advisory ID: RHSA-2021:2395-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2395
Issue date: 2021-06-14
CVE Names: CVE-2021-32027 CVE-2021-32028
=====================================================================

1. Summary:

An update for rh-postgresql10-postgresql is now available for Red Hat
Software Collections.

2. Relevant releases/architectures:

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
rh-postgresql10-postgresql (10.17).

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array subscripting
calculations (CVE-2021-32027)

* postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
(CVE-2021-32028)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-postgresql10-postgresql-10.17-1.el7.src.rpm

ppc64le:
rh-postgresql10-postgresql-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-contrib-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-contrib-syspaths-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-debuginfo-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-devel-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-docs-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-libs-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-plperl-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-plpython-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-pltcl-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-server-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-server-syspaths-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-static-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-syspaths-10.17-1.el7.ppc64le.rpm
rh-postgresql10-postgresql-test-10.17-1.el7.ppc64le.rpm

s390x:
rh-postgresql10-postgresql-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-contrib-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-contrib-syspaths-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-debuginfo-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-devel-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-docs-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-libs-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-plperl-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-plpython-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-pltcl-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-server-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-server-syspaths-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-static-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-syspaths-10.17-1.el7.s390x.rpm
rh-postgresql10-postgresql-test-10.17-1.el7.s390x.rpm

x86_64:
rh-postgresql10-postgresql-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-contrib-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-contrib-syspaths-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-debuginfo-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-devel-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-docs-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-libs-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-plperl-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-plpython-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-pltcl-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-server-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-server-syspaths-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-static-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-syspaths-10.17-1.el7.x86_64.rpm
rh-postgresql10-postgresql-test-10.17-1.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
rh-postgresql10-postgresql-10.17-1.el7.src.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-postgresql10-postgresql-10.17-1.el7.src.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-32027
https://access.redhat.com/security/cve/CVE-2021-32028
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

iQIVAwUBYMcZ79zjgjWX9erEAQg8og/+Pz6q7kZJR23kVoZJXFkZ4wl1oEgd2Wdo
70tqWRX2oGUZamX0XAVeKGNTe9O7qzDoJILue8QtFzWKgVsuMirOfIhU6S3pDh6Q
Bkx9xyFHYTzumhjy72nDkS3PI4BonqCxesQioyrdBl8eVjD3s6vwthU9jT+Ijls7
WR172sMOg3U8IRSjGRf+vZSLcFlUyE1l6lnDhs0E4ZlgwgLq4ivKVTZrB4LcOdII
83NXfJSzfoVbFXlDxwUXCNLP2pvcEvLaw/EgBHmaURQhW/oWcR38DVMlKVughwEl
BhC0gCZnfMs43NZ1/R7UVEY30JB+SAuF53v+SeMo+lb6sVG6j+FlcdzVuV5v2+l/
nqUSYFVG5SE8Yh4yUjNhd0FOUzAIA7Pq0AbbhZP4nehvG5nAKw3245wB6lIeyzgV
HxolUy9yf7bH1TDhxWA5PAdglxjgjNNorDyVmSku8j2pqCSYmxNArNf2yXDrEDt/
L01PaA4z+jfIZUrjf7CPvsZau+EKqof7MBbroWnWoscmPMQab9iNEo8lrfvzxYZW
MN1trpawKhqxcTMtbxOr4VDQjAu+AUzFVvcZVeT0vmnmbSpoYI2zmB3kKvEKmLbd
uCqNFVtPU5JRw2e4f2knxYrO0KUD29pbT5nanis7pieIOLODl0JrS6aumaLi2Lv5
1ikqZg9X8Us=
=9gOv
– —–END PGP SIGNATURE—–

– ——————————————————————————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: rh-postgresql13-postgresql security update
Advisory ID: RHSA-2021:2396-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2396
Issue date: 2021-06-14
CVE Names: CVE-2021-32027 CVE-2021-32028 CVE-2021-32029
=====================================================================

1. Summary:

An update for rh-postgresql13-postgresql is now available for Red Hat
Software Collections.

2. Relevant releases/architectures:

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
rh-postgresql13-postgresql (13.3).

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array subscripting
calculations (CVE-2021-32027)

* postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
(CVE-2021-32028)

* postgresql: Memory disclosure in partitioned-table UPDATE … RETURNING
(CVE-2021-32029)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1956876 – CVE-2021-32027 postgresql: Buffer overrun from integer overflow in array subscripting calculations
1956877 – CVE-2021-32028 postgresql: Memory disclosure in INSERT … ON CONFLICT … DO UPDATE
1956883 – CVE-2021-32029 postgresql: Memory disclosure in partitioned-table UPDATE … RETURNING

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-postgresql13-postgresql-13.3-1.el7.src.rpm

ppc64le:
rh-postgresql13-postgresql-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-contrib-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-contrib-syspaths-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-debuginfo-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-devel-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-docs-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-libs-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-plperl-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-plpython-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-plpython3-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-pltcl-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-server-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-server-syspaths-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-static-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-syspaths-13.3-1.el7.ppc64le.rpm
rh-postgresql13-postgresql-test-13.3-1.el7.ppc64le.rpm

s390x:
rh-postgresql13-postgresql-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-contrib-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-contrib-syspaths-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-debuginfo-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-devel-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-docs-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-libs-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-plperl-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-plpython-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-plpython3-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-pltcl-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-server-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-server-syspaths-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-static-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-syspaths-13.3-1.el7.s390x.rpm
rh-postgresql13-postgresql-test-13.3-1.el7.s390x.rpm

x86_64:
rh-postgresql13-postgresql-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-contrib-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-contrib-syspaths-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-debuginfo-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-devel-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-docs-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-libs-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-plperl-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-plpython-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-plpython3-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-pltcl-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-server-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-server-syspaths-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-static-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-syspaths-13.3-1.el7.x86_64.rpm
rh-postgresql13-postgresql-test-13.3-1.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
rh-postgresql13-postgresql-13.3-1.el7.src.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-postgresql13-postgresql-13.3-1.el7.src.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-32027
https://access.redhat.com/security/cve/CVE-2021-32028
https://access.redhat.com/security/cve/CVE-2021-32029
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

iQIVAwUBYMcg99zjgjWX9erEAQi4ZRAAjtgyRm/nFou0XlYU6chMwpQBJ0pTMozR
YoWhDcjmEE49C5rqGh4j5mBRsKwXl0+2yHy+CF76nyk6iID2ZwWS52mMb0V3zMGv
oOcU8AzjbpXUo+ofnMPDTgbkKh5HEc4aUVO0vlWolUkmxGNRg/8S15PtTYJWedKj
BP/NfESZj+GhLHczdvav9DfxE4PBWLRKpAU7H3DLaeuPT1zKcVdYE89z2TtnjHXp
VkW6hq7vFfhFmOF6/4Dpn6oTf2BfQkwkgW6+lGCfyDCGap0aDlnEFN9KAdi0yp1F
gvhN90ycI8a8pwYJRs3Dx7pvafR0a7+AYiZ0fkRNqJkuYrkBWBPmiMmJjQA8Y/0+
cQNZdNmiyvKeeqTSep3kXgYBjNCFIU25R3tAIFyPKLZN2nbuLuWGTjMLnWj9PPZ2
dyZ4oQsHzyCNf80CK0zGKhivE92gvN/IXh9hpABDZv79+nJcQ0Kq8fUyLh6JGgxX
zgN+RAAxfzEjCWr8Hkbx66HfudnlJbJOv5nrORMTicS6OgwN1BfuneAGurgwNFa/
TJv7sN7mOIi651BLHQgSnFRwSThcrnJ7y0aBhAjK90wWAY1wT39Y4X45Uxx9d47l
uTtfn82l1yl8a9dF4/+cMlEnPE4FWky7X0ihc4G3R53j/PqEEfrOKSV08xEoA+m3
ENBklAr/85A=
=DxWw
– —–END PGP SIGNATURE—–

– ——————————————————————————–

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: postgresql security update
Advisory ID: RHSA-2021:2397-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2397
Issue date: 2021-06-14
CVE Names: CVE-2021-32027
=====================================================================

1. Summary:

An update for postgresql is now available for Red Hat Enterprise Linux 7.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) – x86_64
Red Hat Enterprise Linux Client Optional (v. 7) – x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) – x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) – x86_64
Red Hat Enterprise Linux Server (v. 7) – ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) – ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) – x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) – x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

Security Fix(es):

* postgresql: Buffer overrun from integer overflow in array subscripting
calculations (CVE-2021-32027)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1956876 – CVE-2021-32027 postgresql: Buffer overrun from integer overflow in array subscripting calculations

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
postgresql-9.2.24-7.el7_9.src.rpm

x86_64:
postgresql-debuginfo-9.2.24-7.el7_9.i686.rpm
postgresql-debuginfo-9.2.24-7.el7_9.x86_64.rpm
postgresql-libs-9.2.24-7.el7_9.i686.rpm
postgresql-libs-9.2.24-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
postgresql-9.2.24-7.el7_9.i686.rpm
postgresql-9.2.24-7.el7_9.x86_64.rpm
postgresql-contrib-9.2.24-7.el7_9.x86_64.rpm
postgresql-debuginfo-9.2.24-7.el7_9.i686.rpm
postgresql-debuginfo-9.2.24-7.el7_9.x86_64.rpm
postgresql-devel-9.2.24-7.el7_9.i686.rpm
postgresql-devel-9.2.24-7.el7_9.x86_64.rpm
postgresql-docs-9.2.24-7.el7_9.x86_64.rpm
postgresql-plperl-9.2.24-7.el7_9.x86_64.rpm
postgresql-plpython-9.2.24-7.el7_9.x86_64.rpm
postgresql-pltcl-9.2.24-7.el7_9.x86_64.rpm
postgresql-server-9.2.24-7.el7_9.x86_64.rpm
postgresql-static-9.2.24-7.el7_9.i686.rpm
postgresql-static-9.2.24-7.el7_9.x86_64.rpm
postgresql-test-9.2.24-7.el7_9.x86_64.rpm
postgresql-upgrade-9.2.24-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
postgresql-9.2.24-7.el7_9.src.rpm

x86_64:
postgresql-9.2.24-7.el7_9.x86_64.rpm
postgresql-debuginfo-9.2.24-7.el7_9.i686.rpm
postgresql-debuginfo-9.2.24-7.el7_9.x86_64.rpm
postgresql-libs-9.2.24-7.el7_9.i686.rpm
postgresql-libs-9.2.24-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
postgresql-9.2.24-7.el7_9.i686.rpm
postgresql-contrib-9.2.24-7.el7_9.x86_64.rpm
postgresql-debuginfo-9.2.24-7.el7_9.i686.rpm
postgresql-debuginfo-9.2.24-7.el7_9.x86_64.rpm
postgresql-devel-9.2.24-7.el7_9.i686.rpm
postgresql-devel-9.2.24-7.el7_9.x86_64.rpm
postgresql-docs-9.2.24-7.el7_9.x86_64.rpm
postgresql-plperl-9.2.24-7.el7_9.x86_64.rpm
postgresql-plpython-9.2.24-7.el7_9.x86_64.rpm
postgresql-pltcl-9.2.24-7.el7_9.x86_64.rpm
postgresql-server-9.2.24-7.el7_9.x86_64.rpm
postgresql-static-9.2.24-7.el7_9.i686.rpm
postgresql-static-9.2.24-7.el7_9.x86_64.rpm
postgresql-test-9.2.24-7.el7_9.x86_64.rpm
postgresql-upgrade-9.2.24-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
postgresql-9.2.24-7.el7_9.src.rpm

ppc64:
postgresql-9.2.24-7.el7_9.ppc.rpm
postgresql-9.2.24-7.el7_9.ppc64.rpm
postgresql-contrib-9.2.24-7.el7_9.ppc64.rpm
postgresql-debuginfo-9.2.24-7.el7_9.ppc.rpm
postgresql-debuginfo-9.2.24-7.el7_9.ppc64.rpm
postgresql-devel-9.2.24-7.el7_9.ppc.rpm
postgresql-devel-9.2.24-7.el7_9.ppc64.rpm
postgresql-docs-9.2.24-7.el7_9.ppc64.rpm
postgresql-libs-9.2.24-7.el7_9.ppc.rpm
postgresql-libs-9.2.24-7.el7_9.ppc64.rpm
postgresql-plperl-9.2.24-7.el7_9.ppc64.rpm
postgresql-plpython-9.2.24-7.el7_9.ppc64.rpm
postgresql-pltcl-9.2.24-7.el7_9.ppc64.rpm
postgresql-server-9.2.24-7.el7_9.ppc64.rpm
postgresql-test-9.2.24-7.el7_9.ppc64.rpm

ppc64le:
postgresql-9.2.24-7.el7_9.ppc64le.rpm
postgresql-contrib-9.2.24-7.el7_9.ppc64le.rpm
postgresql-debuginfo-9.2.24-7.el7_9.ppc64le.rpm
postgresql-devel-9.2.24-7.el7_9.ppc64le.rpm
postgresql-docs-9.2.24-7.el7_9.ppc64le.rpm
postgresql-libs-9.2.24-7.el7_9.ppc64le.rpm
postgresql-plperl-9.2.24-7.el7_9.ppc64le.rpm
postgresql-plpython-9.2.24-7.el7_9.ppc64le.rpm
postgresql-pltcl-9.2.24-7.el7_9.ppc64le.rpm
postgresql-server-9.2.24-7.el7_9.ppc64le.rpm
postgresql-test-9.2.24-7.el7_9.ppc64le.rpm

s390x:
postgresql-9.2.24-7.el7_9.s390.rpm
postgresql-9.2.24-7.el7_9.s390x.rpm
postgresql-contrib-9.2.24-7.el7_9.s390x.rpm
postgresql-debuginfo-9.2.24-7.el7_9.s390.rpm
postgresql-debuginfo-9.2.24-7.el7_9.s390x.rpm
postgresql-devel-9.2.24-7.el7_9.s390.rpm
postgresql-devel-9.2.24-7.el7_9.s390x.rpm
postgresql-docs-9.2.24-7.el7_9.s390x.rpm
postgresql-libs-9.2.24-7.el7_9.s390.rpm
postgresql-libs-9.2.24-7.el7_9.s390x.rpm
postgresql-plperl-9.2.24-7.el7_9.s390x.rpm
postgresql-plpython-9.2.24-7.el7_9.s390x.rpm
postgresql-pltcl-9.2.24-7.el7_9.s390x.rpm
postgresql-server-9.2.24-7.el7_9.s390x.rpm
postgresql-test-9.2.24-7.el7_9.s390x.rpm

x86_64:
postgresql-9.2.24-7.el7_9.i686.rpm
postgresql-9.2.24-7.el7_9.x86_64.rpm
postgresql-contrib-9.2.24-7.el7_9.x86_64.rpm
postgresql-debuginfo-9.2.24-7.el7_9.i686.rpm
postgresql-debuginfo-9.2.24-7.el7_9.x86_64.rpm
postgresql-devel-9.2.24-7.el7_9.i686.rpm
postgresql-devel-9.2.24-7.el7_9.x86_64.rpm
postgresql-docs-9.2.24-7.el7_9.x86_64.rpm
postgresql-libs-9.2.24-7.el7_9.i686.rpm
postgresql-libs-9.2.24-7.el7_9.x86_64.rpm
postgresql-plperl-9.2.24-7.el7_9.x86_64.rpm
postgresql-plpython-9.2.24-7.el7_9.x86_64.rpm
postgresql-pltcl-9.2.24-7.el7_9.x86_64.rpm
postgresql-server-9.2.24-7.el7_9.x86_64.rpm
postgresql-test-9.2.24-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
postgresql-debuginfo-9.2.24-7.el7_9.ppc.rpm
postgresql-debuginfo-9.2.24-7.el7_9.ppc64.rpm
postgresql-static-9.2.24-7.el7_9.ppc.rpm
postgresql-static-9.2.24-7.el7_9.ppc64.rpm
postgresql-upgrade-9.2.24-7.el7_9.ppc64.rpm

ppc64le:
postgresql-debuginfo-9.2.24-7.el7_9.ppc64le.rpm
postgresql-static-9.2.24-7.el7_9.ppc64le.rpm
postgresql-upgrade-9.2.24-7.el7_9.ppc64le.rpm

s390x:
postgresql-debuginfo-9.2.24-7.el7_9.s390.rpm
postgresql-debuginfo-9.2.24-7.el7_9.s390x.rpm
postgresql-static-9.2.24-7.el7_9.s390.rpm
postgresql-static-9.2.24-7.el7_9.s390x.rpm
postgresql-upgrade-9.2.24-7.el7_9.s390x.rpm

x86_64:
postgresql-debuginfo-9.2.24-7.el7_9.i686.rpm
postgresql-debuginfo-9.2.24-7.el7_9.x86_64.rpm
postgresql-static-9.2.24-7.el7_9.i686.rpm
postgresql-static-9.2.24-7.el7_9.x86_64.rpm
postgresql-upgrade-9.2.24-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
postgresql-9.2.24-7.el7_9.src.rpm

x86_64:
postgresql-9.2.24-7.el7_9.i686.rpm
postgresql-9.2.24-7.el7_9.x86_64.rpm
postgresql-contrib-9.2.24-7.el7_9.x86_64.rpm
postgresql-debuginfo-9.2.24-7.el7_9.i686.rpm
postgresql-debuginfo-9.2.24-7.el7_9.x86_64.rpm
postgresql-devel-9.2.24-7.el7_9.i686.rpm
postgresql-devel-9.2.24-7.el7_9.x86_64.rpm
postgresql-libs-9.2.24-7.el7_9.i686.rpm
postgresql-libs-9.2.24-7.el7_9.x86_64.rpm
postgresql-plperl-9.2.24-7.el7_9.x86_64.rpm
postgresql-plpython-9.2.24-7.el7_9.x86_64.rpm
postgresql-pltcl-9.2.24-7.el7_9.x86_64.rpm
postgresql-server-9.2.24-7.el7_9.x86_64.rpm
postgresql-test-9.2.24-7.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
postgresql-debuginfo-9.2.24-7.el7_9.i686.rpm
postgresql-debuginfo-9.2.24-7.el7_9.x86_64.rpm
postgresql-docs-9.2.24-7.el7_9.x86_64.rpm
postgresql-static-9.2.24-7.el7_9.i686.rpm
postgresql-static-9.2.24-7.el7_9.x86_64.rpm
postgresql-upgrade-9.2.24-7.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-32027
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

iQIVAwUBYMcjUNzjgjWX9erEAQhY1A//XcjPWeoBxTwPkkuEPqJCYtYiu0fjEnaR
1+DWUPH+gXDQX1N3Fvk1k1f02B9U38BF0QjkKfhxvamw+xS3N9Sajj2A/oa8W4zE
sjmFA00PfPWOvx2rWpIyBGX5B17mcPhM4KGhBXbaIK1Uqi2+1a3wRD7EDCrqQdee
CaYlE7NqM0pPnkII5ECAsiyiWDSL745K0EIGMHV671PQqrlWi+LnTUkGe9RcrW7Z
tZxTU5ZIiHclpbkxma2GfAS9v/b5/uqMod9jHP72coaZaUvDK9zFlRG+1JrA3HPX
sdNaH9p9gOvs1nJ2UZFqG8x2Xrc1SB0E3xboujNKyHO0Wdq5iCu7A6pDUmreETSj
du0024D6bZNsc5c4Ud7gEC5KtZf6KAOs68HkksyRy9xFDJnLo2bm4LmP1d2aL0yV
zxa99VSS6M/eNIVz0c/IVR3dExopSt5Y09C/aFIIftQ3OtNi5oILLsWXlfT+Nue4
pmFzRH+AdtY7hkzv3I2P+meGIkP4IJLRlpSzlXpeNgiDqBI5ojnyHC8MDmvxDxMP
WGjIr7xI5TeQoXdsuibm6IpLUqpYMGNTHxL5XOavZ8WsU9l4GRc8rUOjVS71aGAo
s2CL3YgWGa1KqBsF5yItMd52jqvXLpNazyqpmR21n/JsNPyviPEyG1x/aipjTo5s
nAclJ8379rE=
=wv6w
– —–END PGP SIGNATURE—–

– ————————–END INCLUDED TEXT——————–

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
—–BEGIN PGP SIGNATURE—–
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYMfoPeNLKJtyKPYoAQi55hAAovZtzTNnzMAHr/liiFiWMT2/2Y8GAEVK
+hFJA/GP9wj3iR3o2ln0YL41cZ/gs6U9YZOUxZfvAmV2QwsTjxaXB6EW1j8qPxGO
8s/1RG+/1TwbhfBnihG8Xbv1KuuzmwjX9HzXx9Usm2fsKx4mttJSL2wnfktjnwkE
CLakf2fwSsR722q1yHWMsXHd68btqRWVhgJxMzDOPo1DxmHmBDvWIkVBrjMnr9hc
Pz8+eGyGyVieqpeQ/Bo6jaD3G/hHYltz41t4FfwqOPAGPn4jzjHa4beRz8SluWTR
SUDz5TaFLixh4TMPkcgCMLeCVeLAEeuRjRNhQRPXzpm5Ms6faTHHM1s9gi+gU6jE
Ijy0Dj84FOqwb++8mCaCERSVgOfI1EEuMMtqQiTSUhJ9+ujteZOzoiFFtLPlQNNH
7P61RtmIbWtyMQJcMC4a91Ar/6XNftFFX/Idwi8WWMLCs6S6lzvFQAbKnNUE4Lpq
A3EjrGgXoQhqO5DZq6g3VzWQ1xM6yclMkwQWQEz6D+EsLU3OiRdHe9n4F0JnuO7O
m1JQTm675sPFOdxJuiJc0OCvYH3jk4ZbHkfzJIe2iBbTuufKsIJ+qyC+5MjwufMB
dp+sqZ5eGGPTLH50RhoMArO51zqA8TMJmNeeVJyIJNVyzqmPei8v4vwEyLmps5aI
dVvg6l08dDc=
=+zef
—–END PGP SIGNATURE—–

The post ESB-2021.2122 – [RedHat] postgresql: Multiple vulnerabilities appeared first on Malware Devil.

https://malwaredevil.com/2021/06/15/esb-2021-2122-redhat-postgresql-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-2122-redhat-postgresql-multiple-vulnerabilities

Malware Devil

Malware Devil

Tuesday, June 15, 2021

ESB-2021.2122 – [RedHat] postgresql: Multiple vulnerabilities

No comments:

Post a Comment

Barbary Pirates and Russian Cybercrime

Blog Archive

About Me