New Charges Derail COVID Release for Hacker Who Aided ISIS

A hacker serving a 20-year sentence for stealing personal data on 1,300 U.S. military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. The new charges have derailed plans to deport him under compassionate release because of the COVID-19 pandemic.

Ardit Ferizi, a 25-year-old citizen of Kosovo, was slated to be sent home earlier this month after a federal judge signed an order commuting his sentence to time served. The release was granted in part due to Ferizi’s 2018 diagnosis if asthma, as well as a COVID outbreak at the facility where he was housed in 2020.

But while Ferizi was in quarantine awaiting deportation the Justice Department unsealed new charges against him, saying he’d conspired from prison with associates on the outside to access stolen data and launder the bitcoin proceeds of his previous crimes.

In the years leading up to his arrest, Ferizi was the administrator of a cybercrime forum called Pentagon Crew. He also served as the leader of an ethnic Albanian group of hackers from Kosovo known as Kosova Hacker’s Security (KHS), which focused on compromising government and private websites in Israel, Serbia, Greece, Ukraine and the United States.

The Pentagon Crew forum founded by Ferizi.

In December 2015, Ferizi was apprehended in Malaysia and extradited to the United States. In January 2016, Ferizi pleaded guilty to providing material support to a terrorist group and to unauthorized access. He admitted to hacking a U.S.-based e-commerce company, stealing personal and financial data on 1,300 government employees, and providing the data to an Islamic State hacking group.

Ferizi gave the purloined data to Junaid “Trick” Hussain, a 21-year-old hacker and recruiter for ISIS who published it in August 2015 as part of a directive that ISIS supporters kill the named U.S. military members and government employees. Later that month, Hussain was reportedly killed by a drone strike in Syria.

The government says Ferizi and his associates made money by hacking PayPal and other financial accounts, and through pornography sites he allegedly set up mainly to steal personal and financial data from visitors.

Junaid Hussain’s Twitter profile photo.

Between 2015 and 2019, Ferizi was imprisoned at a facility in Illinois that housed several other notable convicts. For example, prosecutors allege that Ferizi was an associate of Mahmud “Red” Abouhalima, who was serving a 240 year sentence at the prison for his role in the 1993 World Trade Center bombing.

Another inmate incarcerated at the same facility was Shawn Bridges, a former U.S. Secret Service agent serving almost eight years for stealing $820,000 worth of bitcoin from online drug dealers while investigating the hidden underground website Silk Road. Prosecutors say Ferizi and Bridges discussed ways to hide their bitcoin.

The information about Ferizi’s inmate friends came via a tip from another convict, who told the FBI that Ferizi was allegedly using his access to the prison’s email system to share email and bitcoin account passwords with family members back home.

The Justice Department said subpoenas served on Ferizi’s email accounts and interviews with his associates show Ferizi’s brother in Kosovo used the information to “liquidate the proceeds of Ferizi’s previous criminal hacking activities.”

[Side note: It may be little more than a coincidence, but my PayPal account was hacked in Dec. 2015 by criminals who social engineered PayPal employees over the phone into changing my password and bypassing multi-factor authentication. The hackers attempted to send my balance to an account tied to Hussain, but the transfer never went through.]

Ferizi is being tried in California, but has not yet had an initial appearance in court. He’s charged with one count of aggravated identity theft and one count of wire fraud. If convicted of wire fraud, he faces a maximum penalty of 20 years in prison and a fine of $250,000. If convicted of aggravated identity theft, he faces a mandatory penalty of 2 years in prison in addition to the punishment imposed for a wire fraud conviction.

Read More

The post New Charges Derail COVID Release for Hacker Who Aided ISIS appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/new-charges-derail-covid-release-for-hacker-who-aided-isis/?utm_source=rss&utm_medium=rss&utm_campaign=new-charges-derail-covid-release-for-hacker-who-aided-isis

The story of ZeroLogon

This is the story of a vulnerability that was brought about by the incorrect use of an encryption technique. After it was discovered by researchers, the vulnerability was patched and that should have been the end of the story. Unfortunately the patch caused problems of its own, which made it very unpopular. Cybercriminals seized the opportunity to use the vulnerability for their own purposes. This is the story of ZeroLogon.

What is ZeroLogon?

The ZeroLogon vulnerability was discovered by researchers at Secura and is listed in the Common Vulnerabilities and Exposures (CVE) database under CVE-2020-1472:

“An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka ‘Netlogon Elevation of Privilege Vulnerability’.”

This vulnerability exploits a cryptographic flaw in Microsoft’s Active Directory Netlogon Remote Protocol (MS-NRPC), which allows users to log on to servers that are using NTLM (NT LAN Manager). Researchers explained that the issue stems from the incorrect use of AES-CFB8 encryption, which requires randomly generated initialization vectors for each authentication message. Sadly, Windows didn’t take this requirement into consideration. An attacker can use zeros for the initialization vector, allowing them to take over a domain controller in a matter of seconds.

How bad is this vulnerability?

Very bad, is the short answer. ZeroLogon has been successfully weaponized by malware authors, who use it for the lateral infection of corporate endpoints. The sophisticated Trickbot Trojan uses ZeroLogon, which means that it can spread across a vulnerable network easily. Ryuk ransomware has also been seen using the ZeroLogon vulnerability.

Is there a patch?

Yes, but there’s a “but”. The vulnerability was actually patched in August 2020, and it wasn’t until a researcher published a report about the vulnerability in September that we started to see it used in malicious activity.

In late October, Microsoft warned that threat actors were actively exploiting systems that were unpatched against ZeroLogon privilege escalation.

In November Microsoft also added detection rules to Microsoft Defender to “detect adversaries as they try to exploit this vulnerability against your domain controllers.”

The general advice is to use Secure RPC to prevent these attacks. Secure RPC is an authentication method that authenticates both the host and the user who is making a request for a service. Secure RPC uses the Diffie-Hellman authentication mechanism, which uses DES encryption rather than AES-CFB8.

Why isn’t everything patched against ZeroLogon by now?

The problem with the patch is that it is not enough to update the server side (Domain Controller), because clients also need to be updated for the protocol to work. And even though Microsoft took care to issue patches for Windows devices, it didn’t provide a solution for legacy operating systems that are no longer supported, or for third-party products. This means that enforcing Secure RPC may break operations for these incompatible systems.

So, what’s next?

Now, Microsoft has announced that it will enforce the use of Secure RPC .

“beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default.  This will block vulnerable connections from non-compliant devices.  DC enforcement mode requires that all Windows and non-Windows devices use Secure RPC with Netlogon secure channel unless customers have explicitly allowed the account to be vulnerable by adding an exception for the non-compliant device.”

Having read that you might be thinking: “But you said it might break incompatible systems!” True, so Microsoft has made a list of actions that will result in a detailed update plan.

The update plan outlined by Microsoft includes the following actions:

• UPDATE your Domain Controllers with an update released August 11, 2020 or later.
• FIND which devices are making vulnerable connections by monitoring event logs.
• ADDRESS non-compliant devices making vulnerable connections.
• ENABLE enforcement mode to address CVE-2020-1472 in your environment.

This probably means there is still no happy ending to this story. Addressing the non-complaint devices will not be as easy at it sounds, in many cases. In many cases it will end with sysadmins making an exception for such a device. It is advisable however to at least try and follow the steps. Because in the end it will pay off to remove (or at least limit) the vulnerable devices and machines on your network. The cybercriminals will not let go of this treasure so easily.

Stay safe, everyone!

The post The story of ZeroLogon appeared first on Malwarebytes Labs.

The post The story of ZeroLogon appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/the-story-of-zerologon-2/?utm_source=rss&utm_medium=rss&utm_campaign=the-story-of-zerologon-2

The story of ZeroLogon

This is the story of a vulnerability that was brought about by the incorrect use of an encryption technique. After it was discovered by researchers, the vulnerability was patched and that should have been the end of the story. Unfortunately the patch caused problems of its own, which made it very unpopular. Cybercriminals seized the opportunity to use the vulnerability for their own purposes. This is the story of ZeroLogon.

What is ZeroLogon?

The ZeroLogon vulnerability was discovered by researchers at Secura and is listed in the Common Vulnerabilities and Exposures (CVE) database under CVE-2020-1472:

“An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka ‘Netlogon Elevation of Privilege Vulnerability’.”

This vulnerability exploits a cryptographic flaw in Microsoft’s Active Directory Netlogon Remote Protocol (MS-NRPC), which allows users to log on to servers that are using NTLM (NT LAN Manager). Researchers explained that the issue stems from the incorrect use of AES-CFB8 encryption, which requires randomly generated initialization vectors for each authentication message. Sadly, Windows didn’t take this requirement into consideration. An attacker can use zeros for the initialization vector, allowing them to take over a domain controller in a matter of seconds.

How bad is this vulnerability?

Very bad, is the short answer. ZeroLogon has been successfully weaponized by malware authors, who use it for the lateral infection of corporate endpoints. The sophisticated Trickbot Trojan uses ZeroLogon, which means that it can spread across a vulnerable network easily. Ryuk ransomware has also been seen using the ZeroLogon vulnerability.

Is there a patch?

Yes, but there’s a “but”. The vulnerability was actually patched in August 2020, and it wasn’t until a researcher published a report about the vulnerability in September that we started to see it used in malicious activity.

In late October, Microsoft warned that threat actors were actively exploiting systems that were unpatched against ZeroLogon privilege escalation.

In November Microsoft also added detection rules to Microsoft Defender to “detect adversaries as they try to exploit this vulnerability against your domain controllers.”

The general advice is to use Secure RPC to prevent these attacks. Secure RPC is an authentication method that authenticates both the host and the user who is making a request for a service. Secure RPC uses the Diffie-Hellman authentication mechanism, which uses DES encryption rather than AES-CFB8.

Why isn’t everything patched against ZeroLogon by now?

The problem with the patch is that it is not enough to update the server side (Domain Controller), because clients also need to be updated for the protocol to work. And even though Microsoft took care to issue patches for Windows devices, it didn’t provide a solution for legacy operating systems that are no longer supported, or for third-party products. This means that enforcing Secure RPC may break operations for these incompatible systems.

So, what’s next?

Now, Microsoft has announced that it will enforce the use of Secure RPC .

“beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default.  This will block vulnerable connections from non-compliant devices.  DC enforcement mode requires that all Windows and non-Windows devices use Secure RPC with Netlogon secure channel unless customers have explicitly allowed the account to be vulnerable by adding an exception for the non-compliant device.”

Having read that you might be thinking: “But you said it might break incompatible systems!” True, so Microsoft has made a list of actions that will result in a detailed update plan.

The update plan outlined by Microsoft includes the following actions:

• UPDATE your Domain Controllers with an update released August 11, 2020 or later.
• FIND which devices are making vulnerable connections by monitoring event logs.
• ADDRESS non-compliant devices making vulnerable connections.
• ENABLE enforcement mode to address CVE-2020-1472 in your environment.

This probably means there is still no happy ending to this story. Addressing the non-complaint devices will not be as easy at it sounds, in many cases. In many cases it will end with sysadmins making an exception for such a device. It is advisable however to at least try and follow the steps. Because in the end it will pay off to remove (or at least limit) the vulnerable devices and machines on your network. The cybercriminals will not let go of this treasure so easily.

Stay safe, everyone!

The post The story of ZeroLogon appeared first on Malwarebytes Labs.

The post The story of ZeroLogon appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/the-story-of-zerologon/?utm_source=rss&utm_medium=rss&utm_campaign=the-story-of-zerologon

Kaizen Gaming Makes Winning Bet on Application Security

The online gaming industry is projected to grow at a compound annual growth rate (CAGR) of 12.9% between now and 2027. This rapidly growing industry segment offers cyber criminals a broad attack surface to steal personally identifiable information (PII) and other forms of personal and financial data as well as to disrupt critical operations.

The post Kaizen Gaming Makes Winning Bet on Application Security appeared first on Security Boulevard.

Read More

The post Kaizen Gaming Makes Winning Bet on Application Security appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/kaizen-gaming-makes-winning-bet-on-application-security/?utm_source=rss&utm_medium=rss&utm_campaign=kaizen-gaming-makes-winning-bet-on-application-security

FBI, Big Government, Mimecast, Ubquiti, Cisco, & the German Police – Wrap Up – SWN #94

Welcome to the Security Weekly News Wrap up for the the Week of 10 – Jan 2021. Government, the Effabeeeye, Mimecast, Ubquiti, Cisco, and the German Police, all this and show wrap ups on the Security Weekly News Wrap Up!
Visit https://www.securityweekly.com/swn for all the latest episodes!
Show Notes: https://securityweekly.com/swn94

The post FBI, Big Government, Mimecast, Ubquiti, Cisco, & the German Police – Wrap Up – SWN #94 appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/fbi-big-government-mimecast-ubquiti-cisco-the-german-police-wrap-up-swn-94-4/?utm_source=rss&utm_medium=rss&utm_campaign=fbi-big-government-mimecast-ubquiti-cisco-the-german-police-wrap-up-swn-94-4

Insider Threats Are on the Rise and Growing More Costly. You Need the Right Tools to Detect Them

A recent report on cybersecurity spending says that companies have been raising their budgets in…

The post Insider Threats Are on the Rise and Growing More Costly. You Need the Right Tools to Detect Them appeared first on Gurucul.

The post Insider Threats Are on the Rise and Growing More Costly. You Need the Right Tools to Detect Them appeared first on Security Boulevard.

Read More

The post Insider Threats Are on the Rise and Growing More Costly. You Need the Right Tools to Detect Them appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/insider-threats-are-on-the-rise-and-growing-more-costly-you-need-the-right-tools-to-detect-them/?utm_source=rss&utm_medium=rss&utm_campaign=insider-threats-are-on-the-rise-and-growing-more-costly-you-need-the-right-tools-to-detect-them

Retail and Hospitality Sector Has Impressive Fix Rate, but Room to Improve

Over the past year, the retail and hospitality industries have been forced to adapt to the ???new normal.??? Since lockdowns and health concerns have prevented or dissuaded in-person shopping or dining, the new normal has been e-commerce. Smaller businesses not equipped for the increase in e-commerce have had to undergo rapid digital transformation in order to stay afloat. But, unfortunately, e-commerce was not the only thing to increase in 2020. Cyberattackers have been taking advantage of the influx of digital activity.

This is especially concerning because, according to our recent State of Software Security (SOSS) report, 76 percent of applications in the retail and hospitality sector have a security vulnerability and 26 percent have high-severity security vulnerabilities.

But, on a positive note, our SOSS findings also revealed that when compared to other industries, retail and hospitality have the second-best fix rate and the best median time to remediate security flaws. This means that even though the industries might have a higher than usual number of flaws, they are quick to act and remediate those flaws. As Chris Eng, Chief Research Officer at Veracode explains, ???If retailers are constantly having to push out code containing business logic to support new promotions, that might account for the fix times.???

The SOSS report also examined how the ???nature??? of applications and how we ???nurture??? them contribute to the time it takes to close out a security flaw. We found that the ???nature??? of applications ??? like organization or application size, application age, or flaw density ??? can affect how long it takes to remediate a security flaw. But, taking steps to ???nurture??? the security of applications ??? like using multiple application security (AppSec) testing types, scanning frequently and steadily, and utilizing APIs ??? can also influence how long it takes to remediate security flaws.

For the retail and hospitality industries, we found that they have a low flaw density relative to other sectors, but the applications tend to be old and larger. We also found that the sector is not consistently using DevSecOps best practices like scanning frequently in an automated way. If developers start following the best practices regularly, the retail and hospitality industries can remediate flaws and chip away at security debt faster.

Flaws that the retail and hospitality sector should keep a close eye on include encapsulation, SQL injection, and credential management issues. These flaw types seem to be more prevalent in the retail and hospitality sector compared to other industries, and they can lead to a serious breach. In fact, injection flaws are considered by OWASP Top 10 to be the number one, most critical security risk to web applications.

For more information on software security trends in the retail and hospitality industries, check out The State of Software Security Industry Snapshot.

ﾂ?

The post Retail and Hospitality Sector Has Impressive Fix Rate, but Room to Improve appeared first on Security Boulevard.

Read More

The post Retail and Hospitality Sector Has Impressive Fix Rate, but Room to Improve appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/retail-and-hospitality-sector-has-impressive-fix-rate-but-room-to-improve/?utm_source=rss&utm_medium=rss&utm_campaign=retail-and-hospitality-sector-has-impressive-fix-rate-but-room-to-improve

Balancing Security and User Behavior in Remote Work

Just when security was finally being recognized as a priority within business operations, remote work hit what amounted to a giant reset button. As work from home (WFH) became necessary, productivity was prioritized over everything else. Getting employees online, making sure everyone had the necessary equipment and access, even setting up cloud options where there..

The post Balancing Security and User Behavior in Remote Work appeared first on Security Boulevard.

Read More

The post Balancing Security and User Behavior in Remote Work appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/balancing-security-and-user-behavior-in-remote-work/?utm_source=rss&utm_medium=rss&utm_campaign=balancing-security-and-user-behavior-in-remote-work

Bringing Source Code Security Up to Speed

In many ways, the DevOps movement is about removing complexity in the development process to increase release velocity and efficiency. While those abstractions may increase simplicity and narrow focus for developers, the pressure to adopt new tools and processes increases the complexity of securing DevOps infrastructure. Furthermore, DevOps culture empowers developers with a focus on..

The post Bringing Source Code Security Up to Speed appeared first on Security Boulevard.

Read More

The post Bringing Source Code Security Up to Speed appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/bringing-source-code-security-up-to-speed/?utm_source=rss&utm_medium=rss&utm_campaign=bringing-source-code-security-up-to-speed

U.S. National Cybersecurity Plan Promises to Safeguard Maritime Sector

The U.S Government released on January 5, 2021, a cybersecurity plan to secure the nation’s maritime sector against cybersecurity threats that could endanger national security. The Maritime Cyber Environment With International Maritime Organization’s (IMO) mandate “to ensure that cyber risks are appropriately addressed in existing safety management systems” and the increasing number of cyber-attacks against maritime […]… Read More

The post U.S. National Cybersecurity Plan Promises to Safeguard Maritime Sector appeared first on The State of Security.

The post U.S. National Cybersecurity Plan Promises to Safeguard Maritime Sector appeared first on Security Boulevard.

Read More

The post U.S. National Cybersecurity Plan Promises to Safeguard Maritime Sector appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/u-s-national-cybersecurity-plan-promises-to-safeguard-maritime-sector/?utm_source=rss&utm_medium=rss&utm_campaign=u-s-national-cybersecurity-plan-promises-to-safeguard-maritime-sector

Security Detection & Response Alert Output Usability Survey https://www.surveymonkey.com/r/TAOvsVAO, (Tue, Jan 19th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More

The post Security Detection & Response Alert Output Usability Survey https://www.surveymonkey.com/r/TAOvsVAO, (Tue, Jan 19th) appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/security-detection-response-alert-output-usability-survey-https-www-surveymonkey-com-r-taovsvao-tue-jan-19th/?utm_source=rss&utm_medium=rss&utm_campaign=security-detection-response-alert-output-usability-survey-https-www-surveymonkey-com-r-taovsvao-tue-jan-19th

Gordon for fast cyber reputation checks, (Tue, Jan 19th)

Gordon quickly provides threat & risk information about observables

Gordon is a great website for security analysis and threat intelligence practitioners courtesy of Marc-Henry Geay of France.
It’s a fine offering that quickly provides threat and risk information about observables such as IPv4 addresses, URLs, Domains/FQDNs, MD5, SHA-1, SHA-256 hashes, or email addresses.

All aspirations and architecture for Gordon are available in Marc-Henry’s Medium post, as well as his About content.
You really need only know the following in any detail:

• Gordon submits your observables (IOCs) to multiple sources (30+ engines) to ensure good coverage.
• Observables are only searched in open security databases’ existing records (passive).
• Results can be viewed and shared for up to 3 days, thereafter they are deleted, Marc-Henry has EU privacy regulations to contend with.
• Results are available as Summary Reports with risk-based coloration for some engines, and can be exported as PDF, CSV, and XLSX.

I gave Gordon a quick test using IPv4 IOCs from the Cisco Talos Threat Advisory: SolarWinds supply chain attack. Gordon limits you to 15 observables at most, and note that it favors non-Microsoft browsers, so I experimented via Firefox. Using ten IP IOCs, separated one per line, I received swift results as seen in Figure 1.

Figure 1: Gordon IPv4 SUNBURST results

As noted, Figure 1: shows IPvs SUNBURST IOC results that are precise and color coded by risk.
Using ten SHA-256 hashes from the Talos report for my next query I opted to export the results as an Excel document, then sorted by malicious results only.

Figure 2: Gordon SHA-256 query results

Again, the SUNBURST SHA-256 IOC results are robust and detailed. I’ve certainly added Gordon to my favorites list and suggest you consider doing the same.

Cheers…until next time.

Russ McRee | @holisticinfosec

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More

The post Gordon for fast cyber reputation checks, (Tue, Jan 19th) appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/gordon-for-fast-cyber-reputation-checks-tue-jan-19th/?utm_source=rss&utm_medium=rss&utm_campaign=gordon-for-fast-cyber-reputation-checks-tue-jan-19th

ISC Stormcast For Tuesday, January 19th, 2021 https://isc.sans.edu/podcastdetail.html?id=7334, (Tue, Jan 19th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More

The post ISC Stormcast For Tuesday, January 19th, 2021 https://isc.sans.edu/podcastdetail.html?id=7334, (Tue, Jan 19th) appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/isc-stormcast-for-tuesday-january-19th-2021-https-isc-sans-edu-podcastdetail-htmlid7334-tue-jan-19th/?utm_source=rss&utm_medium=rss&utm_campaign=isc-stormcast-for-tuesday-january-19th-2021-https-isc-sans-edu-podcastdetail-htmlid7334-tue-jan-19th

ESB-2020.1110.2 – UPDATE [Win][UNIX/Linux] Ruby: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2020.1110.2
          Ruby: Heap exposure vulnerability in the socket library
                              19 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Ruby
Publisher:         Ruby
Operating System:  UNIX variants (UNIX, Linux, OSX)
                   Windows
Impact/Access:     Create Arbitrary Files   -- Remote/Unauthenticated
                   Access Confidential Data -- Unknown/Unspecified   
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-16255 CVE-2020-10933 CVE-2020-10663

Original Bulletin: 
   https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/
   https://www.ruby-lang.org/en/news/2020/03/31/ruby-2-4-10-released/
   https://www.ruby-lang.org/en/news/2020/03/31/ruby-2-5-8-released/
   https://www.ruby-lang.org/en/news/2020/03/31/ruby-2-6-6-released/
   https://www.ruby-lang.org/en/news/2020/03/31/ruby-2-7-1-released/

Comment: This bulletin contains five (5) Ruby security advisories.

Revision History:  January 19 2021: Vendor updated CVE for Ruby 2.4.10 Released bulletin
                   April    1 2020: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

CVE-2020-10933: Heap exposure vulnerability in the socket library

Posted by mame on 31 Mar 2020

A heap exposure vulnerability was discovered in the socket library. This
vulnerability has been assigned the CVE identifier CVE-2020-10933 . We strongly
recommend upgrading Ruby.

Details

When BasicSocket#recv_nonblock and BasicSocket#read_nonblock are invoked with
size and buffer arguments, they initially resize the buffer to the specified
size. In cases where the operation would block, they return without copying any
data. Thus, the buffer string will now include arbitrary data from the heap.
This may expose possibly sensitive data from the interpreter.

This issue is exploitable only on Linux. This issue had been since Ruby 2.5.0;
2.4 series is not vulnerable.

Affected versions

  o Ruby 2.5 series: 2.5.7 and earlier
  o Ruby 2.6 series: 2.6.5 and earlier
  o Ruby 2.7 series: 2.7.0
  o prior to master revision 61b7f86248bd121be2e83768be71ef289e8e5b90

Credits

Thanks to Samuel Williams for discovering this issue.

History

  o Originally published at 2020-03-31 15:00:00 (UTC)

- --------------------------------------------------------------------------------

Ruby 2.4.10 Released

Posted by usa on 31 Mar 2020

Ruby 2.4.10 has been released.

This release includes a security fix. Please check the topics below for
details.

  o CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional
    fix)

Ruby 2.4 is now under the state of the security maintenance phase, until the
end of March of 2020. After that date, maintenance of Ruby 2.4 will be ended.
Thus, this release would be the last of Ruby 2.4 series. We recommend you
immediately upgrade Ruby to newer versions, such as 2.7 or 2.6 or 2.5.

Download

  o https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.10.tar.bz2

    SIZE: 12513799
    SHA1: 96737b609f4a82f8696669a17017a46f3bd07549
    SHA256: 6ea3ce7fd0064524ae06dbdcd99741c990901dfc9c66d8139a02f907d30b95a8
    SHA512: 4d730d2d7cb96b002167ee358258f2620862a5a6d8627cfa5b49bd43c6e59c50c0f437b959d4689b231d57706ec7d5910d9b144f4ca1c1ed56bc879ed92e8a59

  o https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.10.tar.gz

    SIZE: 14133414
    SHA1: 3140909df03941865012a247969f355cb17e5cde
    SHA256: 93d06711795bfb76dbe7e765e82cdff3ddf9d82eff2a1f24dead9bb506eaf2d0
    SHA512: dfbe2a28b1a2d458dfc8d4287fbe7caec70890dfecf1e12ac62cddd323d8921ca14a0479453e3691641e3d49366de2e4eb239029c46685234b8f29ac84e1da11

  o https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.10.tar.xz

    SIZE: 10100664
    SHA1: 757707eaf3d013f17d63717b0b00dfde7ef6684e
    SHA256: d5668ed11544db034f70aec37d11e157538d639ed0d0a968e2f587191fc530df
    SHA512: 11c7a9ea1353f752763b189815ac34674cc8ebf7141517838b7f040823e892780d94ec3091c1f5d1415f9bc1b838b7f6f9de13a706df7bef80ce3b146a7d6660

  o https://cache.ruby-lang.org/pub/ruby/2.4/ruby-2.4.10.zip

    SIZE: 15774586
    SHA1: 38568a192e042fdd93cd9ba0cdae1de3b299b0b5
    SHA256: 3babcf264a22b52951974ed4c5232c3fe14f2ada72daad47bf8b73639a7eec50
    SHA512: 7dbc14d8d548848a8f6d6a6fa84fd514386df86b5e3f0613cdb6d1dd68740b934052f71eee63e0a2fd5cdc7f4acf20ae8ef6219f8e3d7d0c476bb6f411bb6320

Release Comment

Thanks to everyone who helped with this release, especially, to reporters of
the vulnerability.

- --------------------------------------------------------------------------------

Ruby 2.5.8 Released

Posted by usa on 31 Mar 2020

Ruby 2.5.8 has been released.

This release includes security fixes. Please check the topics below for
details.

  o CVE-2020-16255: Unsafe Object Creation Vulnerability in JSON (Additional
    fix)
  o CVE-2020-10933: Heap exposure vulnerability in the socket library

See the commit logs for details.

Download

  o https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.8.tar.bz2

    SIZE: 13801410
    SHA1: 823b6b009a6e44fef27d2dacb069067fe355d5d8
    SHA256: 41fc93731ad3f3aa597d657f77ed68fa86b5e93c04dfbf7e542a8780702233f0
    SHA512: 037a5a0510d50b4da85f081d934b07bd6e1c9b5a1ab9b069b3d6eb131ee811351cf02b61988dda7d7aa248aec91612a58d00929d342f0b19ddd7302712caec58

  o https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.8.tar.gz

    SIZE: 15682927
    SHA1: 71e7b22d1dfa32d3df0bfeec48237b28a53bc04f
    SHA256: 6c0bdf07876c69811a9e7dc237c43d40b1cb6369f68e0e17953d7279b524ad9a
    SHA512: ec8bf18b5ef8bf14a568dfb50cbddcc4bb13241f07b0de969e7b60cc261fb4e08fefeb5236bcf620bc690af112a9ab7f7c89f5b8a03fd3430e58804227b5041f

  o https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.8.tar.xz

    SIZE: 11298404
    SHA1: d5ef8e8f28c098e6b7ea24924e0b0fee6e2f766c
    SHA256: 0391b2ffad3133e274469f9953ebfd0c9f7c186238968cbdeeb0651aa02a4d6d
    SHA512: 2886be764a454425c5beef2777c64a70ee0d048b07896b327633d904f5077fea4299526689f9e2ac4dcd2fc4811cf9a6c8ce75367ed35d29dfe1a54222872e0d

  o https://cache.ruby-lang.org/pub/ruby/2.5/ruby-2.5.8.zip

    SIZE: 19060404
    SHA1: 623786f2b30e61f0e78e2b0bb2d98f0f029dc305
    SHA256: 69d97164f12f85cef34ef9d2eac0f3fd40400bffb29ddd58193225bd23220ae2
    SHA512: 6a02ff090d2463fdb8cb9f4f072cc7d14d467731bf2eb28780fe714176e5abb3a169b6d007f76bd1c7e86517d11e93edea6a9e76d1a0ba97c7ac60dc5b235bdc

Release Comment

Thanks to everyone who helped with this release, especially, to reporters of
the vulnerability.

- --------------------------------------------------------------------------------

Ruby 2.6.6 Released

Posted by nagachika on 31 Mar 2020

Ruby 2.6.6 has been released.

This release includes security fixes. Please check the topics below for
details.

  o CVE-2020-16255: Unsafe Object Creation Vulnerability in JSON (Additional
    fix)
  o CVE-2020-10933: Heap exposure vulnerability in the socket library

See the commit logs for details.

Download

  o https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.6.tar.bz2

    SIZE: 14137163
    SHA1: 62adcc4c465a8790b3df87860551e7ad7d84f23d
    SHA256: f08b779079ecd1498e6a2548c39a86144c6c784dcec6f7e8a93208682eb8306e
    SHA512: 001851cf55c4529287ca7cc132afc8c7af4293cdef71feb1922da4901ece255ec453d7697b102a9a90aef2a048fe3d09017ea9378ab4a4df998c21ec3890cdbb

  o https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.6.tar.gz

    SIZE: 16180408
    SHA1: 2d78048e293817f38d4ede4ebc7873013e97bb0b
    SHA256: 364b143def360bac1b74eb56ed60b1a0dca6439b00157ae11ff77d5cd2e92291
    SHA512: 7c54aad974d13c140df0a7209cc111dada10ad402126271051222adb7f2b5053997353367f2cddf6c0336f67357f831aeab9f236851153c0db0d2014bf3e0614

  o https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.6.tar.xz

    SIZE: 11567284
    SHA1: 4dc8d4f7abc1d498b7bac68e82efc01a849f300f
    SHA256: 5db187882b7ac34016cd48d7032e197f07e4968f406b0690e20193b9b424841f
    SHA512: 86caf93dbf61d03781767ab5375a7edf4761f13ba08ccfefe16c0a7550499237e7390c2f72a95d42670d4fe76b2401b4218936187c62ec1572799e9e04c50d62

  o https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.6.zip

    SIZE: 19847926
    SHA1: 7fca2388cf9732163c005c1c7866368708305042
    SHA256: 0899af033c477c0eafeafd59925ce1165a651af6690c5812931d821b4a048d14
    SHA512: 25a8142c2d208705c4ec744ba4a65aa32b6de510cc6b716ab271ff12ec84430a34fac19ef2818570fd175ab76727506f683fa4d389842dcbb1069e732cf4fee3

Release Comment

Many committers, developers, and users who provided bug reports helped us make
this release. Thanks for their contributions.

- --------------------------------------------------------------------------------

Ruby 2.7.1 Released

Posted by naruse on 31 Mar 2020

Ruby 2.7.1 has been released.

This release includes security fixes. Please check the topics below for
details.

  o CVE-2020-16255: Unsafe Object Creation Vulnerability in JSON (Additional
    fix)
  o CVE-2020-10933: Heap exposure vulnerability in the socket library

See the commit logs for details.

Download

  o https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.1.tar.bz2

    SIZE: 14684616
    SHA1: e83a084a4329e1e3f55591bf5ac0c8ebed6444b3
    SHA256: d703d58a67e7ed822d6e4a6ea9e44255f689a5b6ea6752d17e8d031849822202
    SHA512: 4af568f5210379239531dbc54d35739f6ff7ab1d7ffcafc54fed2afeb2b30450d2df386504edf96a494465b3f5fd90cb030974668aa7a1fde5a6b042ea9ca858

  o https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.1.tar.gz

    SIZE: 16816471
    SHA1: 76e25fce50a87f76a3ccd6d0fdd9b7c792400249
    SHA256: d418483bdd0000576c1370571121a6eb24582116db0b7bb2005e90e250eae418
    SHA512: d54ec78d46644269a200cc64c84beed1baaea74189e0ffc167f90f4b9540bb6d9e7b19807c0990e1b13738b83d1e2bb4c712396d033db6a7501e6046fff12839

  o https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.1.tar.xz

    SIZE: 12003684
    SHA1: 6c92300d7fd3e9cbb433e5e687535dc5300848eb
    SHA256: b224f9844646cc92765df8288a46838511c1cec5b550d8874bd4686a904fcee7
    SHA512: 79f98b1ea98e0b10ec79da1883e8fc84d48ffe5c09ae945cbebde94365e35a589d919aac965f74d70ca7e21370ecee631ac5a8f9c4eac61d62f5aa629f27bf31

  o https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.1.zip

    SIZE: 20591655
    SHA1: 8b0e887d47b54154fe856b61617d3e3d5c5adda7
    SHA256: de8d2aa018016428bd30eab430aaa5e22428c2a897865285c53907bb53d55b13
    SHA512: f5fafae966ca4cf96737d28ffd261dee7a1b76ab9d219af5eef34c88f6e958ca62777de322b4c7acea6523279d8e8483a0a2d82db0beb25c2bb2387ce6f3ee76

Release Comment

Many committers, developers, and users who provided bug reports helped us make
this release. Thanks for their contributions.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYAZUUeNLKJtyKPYoAQjHrxAAi6hbN0INTiDITVEdJC0qNihidhNF3q2U
BwUxNLXTWBu6Tjm1CNIZ2RiVaspvc85fwqw2b8DeMCugznHNeaBsPC4kvpjtV5zn
+ivNf/v2EF2ph5KFRrahKgVhh49WWGnArnvs/qSC3pr0xwCIbl32JhkAUy69rDmz
yN+gljkhjSkMnEDucV35goKKO2j3jvxSyE1MJa2lkLiyydz1ogA052CUPFyx+bzV
aUj78pcmfxSfMAr4JC7bio6diEaAK2l3s5tv+5VwHXIVebtUDgi56JPR/trJ05wN
+SKK/mC9DAhAEF3Mx9tTGI4YgUF1ewDRSDUwQaqeAbWWClHL0RIFJxaG9jhe7PSZ
QJfpr1J7HeX2/RV/noIVxtdOxZVnxY1+DgDiLemXWySrM05MZcdbrvVKsFndonVm
2nkyNcoyPv2kVFBtDPd4TIdI9e6Zadp9wPgMhMSSRsRrBHGwB9KW47bQe514b6jN
SqoTxi6gRyyVTMlXKyhYuyc5n2w76uGApC85qWCTxo++coMfYAHUjgE1h6pyTNQQ
uj/nPQWUWnbLL28EfS9H+THE15ku3jqKFQSqmope7vSmW471DIlAtf6SVFvAE6BO
+ebLeImTvdKYK25lfJPRjf8Q1NnCH67ttAa3ELP4t5T5BH7krGoPjluCsiSXmgRG
1pvMhXOo4Tg=
=cFnG
-----END PGP SIGNATURE-----

Read More

The post ESB-2020.1110.2 – UPDATE [Win][UNIX/Linux] Ruby: Multiple vulnerabilities appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/esb-2020-1110-2-update-winunix-linux-ruby-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-1110-2-update-winunix-linux-ruby-multiple-vulnerabilities

ESB-2021.0215 – [RedHat] postgresql:12: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0215
                       postgresql:12 security update
                              19 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           postgresql:12
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Access Confidential Data        -- Remote/Unauthenticated      
                   Reduced Security                -- Remote/Unauthenticated      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-25696 CVE-2020-25695 CVE-2020-25694
                   CVE-2020-14350 CVE-2020-14349 CVE-2020-1720

Reference:         ESB-2021.0214
                   ESB-2021.0211
                   ESB-2021.0104
                   ESB-2020.4533
                   ESB-2020.4517
                   ESB-2020.4469

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2021:0163

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: postgresql:12 security update
Advisory ID:       RHSA-2021:0163-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:0163
Issue date:        2021-01-18
CVE Names:         CVE-2020-1720 CVE-2020-14349 CVE-2020-14350 
                   CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 
=====================================================================

1. Summary:

An update for the postgresql:12 module is now available for Red Hat
Enterprise Linux 8.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (12.5).

Security Fix(es):

* postgresql: Reconnection can downgrade connection security settings
(CVE-2020-25694)

* postgresql: Multiple features escape "security restricted operation"
sandbox (CVE-2020-25695)

* postgresql: Uncontrolled search path element in logical replication
(CVE-2020-14349)

* postgresql: Uncontrolled search path element in CREATE EXTENSION
(CVE-2020-14350)

* postgresql: psql's gset allows overwriting specially treated variables
(CVE-2020-25696)

* postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization
checks (CVE-2020-1720)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1798852 - CVE-2020-1720 postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
1865744 - CVE-2020-14349 postgresql: Uncontrolled search path element in logical replication
1865746 - CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION
1894423 - CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings
1894425 - CVE-2020-25695 postgresql: Multiple features escape "security restricted operation" sandbox
1894430 - CVE-2020-25696 postgresql: psql's gset allows overwriting specially treated variables

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.src.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.src.rpm
postgresql-12.5-1.module+el8.2.0+9043+1dbb5661.src.rpm

aarch64:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.aarch64.rpm
pgaudit-debuginfo-1.4.0-4.module+el8.2.0+9043+1dbb5661.aarch64.rpm
pgaudit-debugsource-1.4.0-4.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-contrib-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-contrib-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-debugsource-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-docs-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-docs-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-plperl-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-plperl-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-plpython3-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-plpython3-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-pltcl-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-pltcl-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-server-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-server-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-server-devel-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-server-devel-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-static-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-test-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-test-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-upgrade-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-upgrade-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-upgrade-devel-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm
postgresql-upgrade-devel-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.aarch64.rpm

noarch:
postgresql-test-rpm-macros-12.5-1.module+el8.2.0+9043+1dbb5661.noarch.rpm

ppc64le:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
pgaudit-debuginfo-1.4.0-4.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
pgaudit-debugsource-1.4.0-4.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-contrib-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-contrib-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-debugsource-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-docs-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-docs-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-plperl-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-plperl-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-plpython3-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-plpython3-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-pltcl-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-pltcl-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-server-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-server-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-server-devel-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-server-devel-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-static-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-test-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-test-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-upgrade-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-upgrade-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-upgrade-devel-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm
postgresql-upgrade-devel-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.ppc64le.rpm

s390x:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.s390x.rpm
pgaudit-debuginfo-1.4.0-4.module+el8.2.0+9043+1dbb5661.s390x.rpm
pgaudit-debugsource-1.4.0-4.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-contrib-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-contrib-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-debugsource-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-docs-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-docs-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-plperl-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-plperl-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-plpython3-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-plpython3-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-pltcl-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-pltcl-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-server-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-server-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-server-devel-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-server-devel-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-static-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-test-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-test-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-upgrade-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-upgrade-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-upgrade-devel-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm
postgresql-upgrade-devel-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.s390x.rpm

x86_64:
pgaudit-1.4.0-4.module+el8.2.0+9043+1dbb5661.x86_64.rpm
pgaudit-debuginfo-1.4.0-4.module+el8.2.0+9043+1dbb5661.x86_64.rpm
pgaudit-debugsource-1.4.0-4.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-contrib-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-contrib-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-debugsource-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-docs-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-docs-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-plperl-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-plperl-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-plpython3-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-plpython3-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-pltcl-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-pltcl-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-server-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-server-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-server-devel-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-server-devel-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-static-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-test-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-test-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-upgrade-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-upgrade-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-upgrade-devel-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm
postgresql-upgrade-devel-debuginfo-12.5-1.module+el8.2.0+9043+1dbb5661.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-1720
https://access.redhat.com/security/cve/CVE-2020-14349
https://access.redhat.com/security/cve/CVE-2020-14350
https://access.redhat.com/security/cve/CVE-2020-25694
https://access.redhat.com/security/cve/CVE-2020-25695
https://access.redhat.com/security/cve/CVE-2020-25696
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYAVb99zjgjWX9erEAQghPw//fEHXpwJV6dikvIVkYW5vobPyBnotwgBK
IswNW9Y2qoU6O/ee6Ek5xivAn4WoZqlEvJVQXfV2pNvIne/4lBmf+vVod6F70Cnc
kgwAL/VHEjUDEaz19IaeZ57gMvF6JDRGEv617gC20R7kSdwwTphkagBX61JKJpid
/DD82q2El7Bxut8aDEK0GA24Mr75aY15RWUcIQMJnU9Rs4S1XtCLHvE4AAw82yeq
qwUPGKiJ7oJSd4Zt5Bb1wCFEKNFAfcjcrifLzj4JOgiOE9tamIX7qbX6r3Rqoldo
Hj/cdq5d33LnI90YaiI+m2o5eZVk0OgDuCV2Echr3B2FUHFc6bs0TxA223kIJwhk
ar4TH/2vCbGGqo5ksXOe8dINalvbeL5Q+FGZ2VmJZbrV4PaCyXtcfG/cl3JDLlYM
mpHsinyEYwTa1AF8gvsGnk+Fx28+peVW2nGS7Gm8AcPOezqDz0z+RmbmGITSj+T7
csJ6DybPyR5oaWme2e80uRTlZSoM8GhB0md0ZQ3oXyBzhb6BOPtDoPgKV7VzaA+m
fKjLiZfZgEdvcuO4/Go5ttAJOhjMT7aw8ahiYnWRN25HXOfCby7bKicUsOwh2uE5
FJqxiQo+RSYkoDYpK9DPYv09u7e3D8WAPVrmnHppEUvEl6xfOQ76w8Cxv87bhor6
v8Ee+EK0jFE=
=W1S+
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYAYXfuNLKJtyKPYoAQgdMxAAp5noWlg6g9HPyCskaXfmrUtYjw9AaLKG
n7JJ/mDhyg04H5EJg8knDhQF+I2Qfdx5zNew9OK4LzN/Ds+PVrNM4LAqNXfiWPEe
DEqaS3lN5yhGET0fhM64W/di5dRJWeZYYZnk3mCblyRMxbVADfyzeE0gSUGCuP5J
O1QYtHloVm5W8MvY1yyrF7rUougBv19m0Byie8lMTr3WXk+wYzZoM4zRfoc3jCiD
6Gwv8HUUXNEcMsb8UQqou4k+ab2fZHB4lbcJynbQ4ieiHDxud4JiyZKIUUf49eT2
e236ewkB0/SnUnW+d3SBzYdyhvC0Lfdw87tXqzMqy7Kf9HX3odzED/RB2MCx68i8
F25j1NYFv9ks6jxFKPvBeMUkSkQdHsJpuwrP3IQ8wRZrlVMzE9d0tPd3BUA0Nckm
6KNHeCIiJDaLqAZu+mSlkmMxox1ZioF+hS+R+ANp57t4wUEdAjzxdl/rEUl5pXZk
AEwq4lRe9vanKYEJqdzGLt9D92xfQVN739MGZH+SoLavX8UwaU7fWqV9/3Uo4dYG
BB/t+uHmKdPyGycQTowAK995SjX57wPCWO4Cg9Jbrk8famCauVQ6lZK0f0tUCLdE
0Z6NZbY471VYyaGrw2izWzo/viJ8EWEdSRbXAgtk4RrsN36kT9JSxT3huPTzwmEc
CR1V0ut0z6U=
=p4k5
-----END PGP SIGNATURE-----

Read More

The post ESB-2021.0215 – [RedHat] postgresql:12: Multiple vulnerabilities appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/esb-2021-0215-redhat-postgresql12-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0215-redhat-postgresql12-multiple-vulnerabilities

ESB-2021.0216 – [RedHat] postgresql:10: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0216
                       postgresql:10 security update
                              19 January 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           postgresql:10
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Access Confidential Data        -- Remote/Unauthenticated      
                   Reduced Security                -- Remote/Unauthenticated      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-25696 CVE-2020-25695 CVE-2020-25694
                   CVE-2020-14350 CVE-2020-14349 CVE-2020-1720
                   CVE-2019-10208 CVE-2019-10164 CVE-2019-10130

Reference:         ESB-2021.0215
                   ESB-2021.0214
                   ESB-2021.0211
                   ESB-2021.0104
                   ESB-2020.4533

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2021:0161
   https://access.redhat.com/errata/RHSA-2021:0166

Comment: This bulletin contains two (2) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: postgresql:10 security update
Advisory ID:       RHSA-2021:0161-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:0161
Issue date:        2021-01-18
CVE Names:         CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 
=====================================================================

1. Summary:

An update for the postgresql:10 module is now available for Red Hat
Enterprise Linux 8.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (10.15).

Security Fix(es):

* postgresql: Reconnection can downgrade connection security settings
(CVE-2020-25694)

* postgresql: Multiple features escape "security restricted operation"
sandbox (CVE-2020-25695)

* postgresql: psql's gset allows overwriting specially treated variables
(CVE-2020-25696)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1894423 - CVE-2020-25694 postgresql: Reconnection can downgrade connection security 
settings
1894425 - CVE-2020-25695 postgresql: Multiple features escape "security restricted 
operation" sandbox
1894430 - CVE-2020-25696 postgresql: psql's gset allows overwriting specially treated 
variables

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:
postgresql-10.15-1.module+el8.2.0+8945+21c7d5de.src.rpm

aarch64:
postgresql-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-contrib-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-contrib-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-debugsource-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-docs-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-docs-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-plperl-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-plperl-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-plpython3-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-plpython3-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-pltcl-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-pltcl-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-server-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-server-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-server-devel-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-server-devel-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-static-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-test-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-test-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-test-rpm-macros-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-upgrade-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-upgrade-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-upgrade-devel-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm
postgresql-upgrade-devel-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.aarch64.rpm

ppc64le:
postgresql-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-contrib-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-contrib-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-debugsource-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-docs-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-docs-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-plperl-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-plperl-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-plpython3-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-plpython3-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-pltcl-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-pltcl-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-server-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-server-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-server-devel-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-server-devel-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-static-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-test-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-test-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-test-rpm-macros-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-upgrade-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-upgrade-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-upgrade-devel-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm
postgresql-upgrade-devel-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.ppc64le.rpm

s390x:
postgresql-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-contrib-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-contrib-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-debugsource-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-docs-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-docs-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-plperl-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-plperl-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-plpython3-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-plpython3-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-pltcl-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-pltcl-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-server-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-server-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-server-devel-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-server-devel-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-static-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-test-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-test-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-test-rpm-macros-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-upgrade-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-upgrade-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-upgrade-devel-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm
postgresql-upgrade-devel-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.s390x.rpm

x86_64:
postgresql-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-contrib-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-contrib-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-debugsource-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-docs-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-docs-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-plperl-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-plperl-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-plpython3-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-plpython3-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-pltcl-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-pltcl-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-server-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-server-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-server-devel-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-server-devel-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-static-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-test-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-test-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-test-rpm-macros-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-upgrade-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-upgrade-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-upgrade-devel-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm
postgresql-upgrade-devel-debuginfo-10.15-1.module+el8.2.0+8945+21c7d5de.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-25694
https://access.redhat.com/security/cve/CVE-2020-25695
https://access.redhat.com/security/cve/CVE-2020-25696
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYAVcEdzjgjWX9erEAQhr/hAAoFmQhIFr+aNymk8971ha538xj5F4aAHF
HfMRtB+CqkA+bAnNvUNJSw4irE2Jshk6COsGnbl1jX3KokAGmskMn6lQkdYNVBbg
ezh0vCVVSnsrt16y3N5JqIeZz/IC0BrA9ak8JrbAuETX5PP8S/xePFZFjJyP+U8N
rQlG5gXSKW8UHAspWSmqYIWSMxN+LebCgCvf1ZnWFYREcaAZM+jrrlIJhMBUk3ZU
v0+RYMZf999LtTbZGxvrIV02dTTEvAIb9r0kBcDtGfrLG40CTx8I9UcbXwSimWWM
oMf440Jo8WIsBDTaxRk4WK3BoT41TL1m5a8hiHEa3jK11IHMbfAY3xYgxiHj1qMw
SOZ8KwKloHOjot7drwWaGq3lUdGGTAHCvahwCCt2+mozWAy8uChAUR13TBNTkL8+
nPirGAMPFiKhymVlF6ZqH7JmYf0YlnKXdTMYxu04/JzIEgWBrNblW/sQA3SiYC6V
Aomi0JPQJWmobU+XcW3esdWVskt+Bklo7NyR4/602XXeH809wZqsmSBaB3RMDlFu
KV/iQx2zKOihBIdA3zSy7GDP0c148SOh5hSP2zMWW5SkUWWfmN/OsIl1wWrZBPKU
erUMIWd3N18Qd8CD5zpGDb11+IRzRP2aVYhtX/wAf1g3MBsU92VZ2VkihjsiFAOj
qPpDQ95gXbA=
=ZIlJ
- -----END PGP SIGNATURE-----

- --------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: postgresql:10 security update
Advisory ID:       RHSA-2021:0166-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:0166
Issue date:        2021-01-18
CVE Names:         CVE-2019-10130 CVE-2019-10164 CVE-2019-10208 
                   CVE-2020-1720 CVE-2020-14349 CVE-2020-14350 
                   CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 
=====================================================================

1. Summary:

An update for the postgresql:10 module is now available for Red Hat
Enterprise Linux 8.1 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.1) - aarch64, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (10.15).

Security Fix(es):

* postgresql: Reconnection can downgrade connection security settings
(CVE-2020-25694)

* postgresql: Multiple features escape "security restricted operation"
sandbox (CVE-2020-25695)

* postgresql: Stack-based buffer overflow via setting a password
(CVE-2019-10164)

* postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY
DEFINER execution (CVE-2019-10208)

* postgresql: Uncontrolled search path element in logical replication
(CVE-2020-14349)

* postgresql: Uncontrolled search path element in CREATE EXTENSION
(CVE-2020-14350)

* postgresql: psql's gset allows overwriting specially treated variables
(CVE-2020-25696)

* postgresql: Selectivity estimators bypass row security policies
(CVE-2019-10130)

* postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization
checks (CVE-2020-1720)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1707109 - CVE-2019-10130 postgresql: Selectivity estimators bypass row security policies
1719698 - CVE-2019-10164 postgresql: Stack-based buffer overflow via setting a password
1734416 - CVE-2019-10208 postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution
1798852 - CVE-2020-1720 postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
1865744 - CVE-2020-14349 postgresql: Uncontrolled search path element in logical replication
1865746 - CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION
1894423 - CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings
1894425 - CVE-2020-25695 postgresql: Multiple features escape "security restricted operation" sandbox
1894430 - CVE-2020-25696 postgresql: psql's gset allows overwriting specially treated variables

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.1):

Source:
postgresql-10.15-1.module+el8.1.0+9154+cd474635.src.rpm

aarch64:
postgresql-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-contrib-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-contrib-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-debugsource-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-docs-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-docs-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-plperl-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-plperl-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-plpython3-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-plpython3-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-pltcl-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-pltcl-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-server-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-server-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-server-devel-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-server-devel-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-static-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-test-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-test-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-test-rpm-macros-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-upgrade-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-upgrade-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-upgrade-devel-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm
postgresql-upgrade-devel-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.aarch64.rpm

ppc64le:
postgresql-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-contrib-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-contrib-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-debugsource-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-docs-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-docs-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-plperl-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-plperl-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-plpython3-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-plpython3-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-pltcl-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-pltcl-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-server-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-server-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-server-devel-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-server-devel-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-static-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-test-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-test-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-test-rpm-macros-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-upgrade-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-upgrade-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-upgrade-devel-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm
postgresql-upgrade-devel-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.ppc64le.rpm

s390x:
postgresql-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-contrib-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-contrib-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-debugsource-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-docs-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-docs-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-plperl-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-plperl-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-plpython3-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-plpython3-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-pltcl-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-pltcl-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-server-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-server-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-server-devel-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-server-devel-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-static-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-test-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-test-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-test-rpm-macros-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-upgrade-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-upgrade-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-upgrade-devel-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm
postgresql-upgrade-devel-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.s390x.rpm

x86_64:
postgresql-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-contrib-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-contrib-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-debugsource-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-docs-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-docs-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-plperl-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-plperl-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-plpython3-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-plpython3-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-pltcl-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-pltcl-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-server-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-server-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-server-devel-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-server-devel-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-static-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-test-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-test-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-test-rpm-macros-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-upgrade-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-upgrade-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-upgrade-devel-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm
postgresql-upgrade-devel-debuginfo-10.15-1.module+el8.1.0+9154+cd474635.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-10130
https://access.redhat.com/security/cve/CVE-2019-10164
https://access.redhat.com/security/cve/CVE-2019-10208
https://access.redhat.com/security/cve/CVE-2020-1720
https://access.redhat.com/security/cve/CVE-2020-14349
https://access.redhat.com/security/cve/CVE-2020-14350
https://access.redhat.com/security/cve/CVE-2020-25694
https://access.redhat.com/security/cve/CVE-2020-25695
https://access.redhat.com/security/cve/CVE-2020-25696
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYAW1QtzjgjWX9erEAQhSohAAiL/TBlSjfADYiF6xLFQlaVVqmWNJ3sV5
q6uTdmp+/ZneVgQOWvB4NHs+6wnD/tge7cenFmhHRPEXBc2ddzO+zgSiBw4Kdxa5
cWOCjrDBcR6ePcATGYamhQwcIw9F/ScthnQuv6A6kNf3am1xyfi41XxlaVfdELjg
SGQhkyADvYqU4KK2m5xJHb6Tiz9GUG/ZFxkdp7/Bgo05ZAgsgeisZFkX5sGJ2Cej
/gdo+Hzd4GC8ZGLKNYvVtmTWNF4KCttNTzt2YG2f9AWdijXaiLcYC4c2i/B6r5FI
asrO+JKSfchbjggMrqKiYHH+KivxXUia/U+dc6DGSkTTCRS17Q/TD2b2bpdSS3Zn
x16HD8mDA2fzpN9YXzMXBed45c1tc6aXtQmIPidYnvINbKP1i+dYNamz9cNJMBzJ
QfoR4uOflkTbQZpNuZXy/j3LSGZZ18GI7WKjuVGjxlRdYFkdcIPCKxakQ0IwMRIb
qqMs9UqelxFkUGfT8OcfS9yVhRJZims3LhXz9F/ijZrGOMsnIWiznJUC6CCPX0Av
Qxo8RdAuVK68e3xG61P/axwbpKfUBA40eBcIRjSse7s2ZnDkxbVVp0YL/ZSDZ/VT
rMQl0bSRdid37RKQT8FGISrqh7G2GaGimehYFmCXqpMp+hhGxKEdME19/ynfT2Bf
lnP7IGV4UNM=
=d1Ci
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYAYXl+NLKJtyKPYoAQhrcA//Zuk5F0nZBpeftLQ7Af8rLvsgOmadmIxt
ca4Lnq+MQUHIB3PcJaNS6jPwLjgp3zptwu88W4lXhnXbgE5K3mXfUmG3vRbRBM10
Kab1+weGmMrKlmVEY5mbZ7OAoH0/PVefJnza6IkB6v90XrPCx27I8oPe1ZVEal9B
LrTITkpzHpnjOUx+vTDEniwprAW3RseygKvTjwDdJgSr/9IzXSp+Y6x9fOmI+kKG
379V6/RV4uNQbIkH1pBOccuezdDH30CgUV6GU3o+gd5zoAW5jsQkBQQa6xPzcZbZ
97ePMUuVVlV9bb/3dBNNfFEElf8fjJH4w9haKiZPnh5TsCa1+eMrT3jmylSMcZfq
jtv9Jlt50d6mgT8h7BASFOqtRWphzBRNxGF1xHWlNqyDZcyzGKTa6KnfnXHccRsP
PgsQXX2ueQmbfXa3TiJt00gA+NWftxUPICV/GczWNFpjGSL8b4xVlRmfFlrl09nS
RUE4RcLVOIS7seJE8+DeUPnb2xzD/95p3L+qujDbY6nLpIhtrOnAGI7JrHNZGMTH
V70UGFmDmI9dQANB1mDtHjgIu9KeRzIGxZd1hcH04bstIhmtRBsvy7Yg7AkvHc99
PqbpUCmTyKApP8cnJS9oKQEcWQD9nBvcXgVAGCII74Xn9VcrfDlDGh3Hiup7IlK7
W53xY4+7mxA=
=Xsrh
-----END PGP SIGNATURE-----

Read More

The post ESB-2021.0216 – [RedHat] postgresql:10: Multiple vulnerabilities appeared first on Malware Devil.

https://malwaredevil.com/2021/01/19/esb-2021-0216-redhat-postgresql10-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2021-0216-redhat-postgresql10-multiple-vulnerabilities