Lucene search

K
redhatRedHatRHSA-2023:7884
HistoryDec 20, 2023 - 9:19 a.m.

(RHSA-2023:7884) Important: postgresql:15 security update

2023-12-2009:19:17
access.redhat.com
20
postgresql
security update
cve fixes
buffer overrun
memory disclosure
sql injection
role privilege
security policy.

8.4 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.7%

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

  • postgresql: Buffer overrun from integer overflow in array modification (CVE-2023-5869)

  • postgresql: Memory disclosure in aggregate function calls (CVE-2023-5868)

  • postgresql: extension script @substitutions@ within quoting allow SQL injection (CVE-2023-39417)

  • postgresql: Role pg_signal_backend can signal certain superuser processes. (CVE-2023-5870)

  • postgresql: MERGE fails to enforce UPDATE or SELECT row security policies (CVE-2023-39418)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHatanys390xpg_repack-debuginfo< 1.4.8-1.module+el8.9.0+19797+c4ce5969pg_repack-debuginfo-1.4.8-1.module+el8.9.0+19797+c4ce5969.s390x.rpm
RedHatanys390xpostgresql-static< 15.5-1.module+el8.9.0+20663+03952ce4postgresql-static-15.5-1.module+el8.9.0+20663+03952ce4.s390x.rpm
RedHatanyx86_64pg_repack-debuginfo< 1.4.8-1.module+el8.9.0+19797+c4ce5969pg_repack-debuginfo-1.4.8-1.module+el8.9.0+19797+c4ce5969.x86_64.rpm
RedHatanyx86_64postgresql-server-devel< 15.5-1.module+el8.9.0+20663+03952ce4postgresql-server-devel-15.5-1.module+el8.9.0+20663+03952ce4.x86_64.rpm
RedHatanyaarch64postgresql-upgrade-devel-debuginfo< 15.5-1.module+el8.9.0+20663+03952ce4postgresql-upgrade-devel-debuginfo-15.5-1.module+el8.9.0+20663+03952ce4.aarch64.rpm
RedHatanyppc64lepostgresql-contrib-debuginfo< 15.5-1.module+el8.9.0+20663+03952ce4postgresql-contrib-debuginfo-15.5-1.module+el8.9.0+20663+03952ce4.ppc64le.rpm
RedHatanyaarch64postgresql-docs< 15.5-1.module+el8.9.0+20663+03952ce4postgresql-docs-15.5-1.module+el8.9.0+20663+03952ce4.aarch64.rpm
RedHatanyaarch64postgres-decoderbufs< 1.9.7-1.Final.module+el8.9.0+19797+c4ce5969postgres-decoderbufs-1.9.7-1.Final.module+el8.9.0+19797+c4ce5969.aarch64.rpm
RedHatanyppc64lepostgresql-plpython3-debuginfo< 15.5-1.module+el8.9.0+20663+03952ce4postgresql-plpython3-debuginfo-15.5-1.module+el8.9.0+20663+03952ce4.ppc64le.rpm
RedHatanys390xpostgres-decoderbufs-debuginfo< 1.9.7-1.Final.module+el8.9.0+19797+c4ce5969postgres-decoderbufs-debuginfo-1.9.7-1.Final.module+el8.9.0+19797+c4ce5969.s390x.rpm
Rows per page:
1-10 of 1451