RHSA-2015:0699 Red Hat Security Advisory: postgresql92-postgresql security update

Bulletin has no description...

RHSA-2014:0221 Red Hat Security Advisory: postgresql92-postgresql security update

Bulletin has no description...

postgresql:15 security update

pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pgrepack postgres-decoderbufs 1.9.7-1.Final - Iitial import for postgresql 15 stream - Related: 2128410 postgresql 15.8-1 - Update to 15.8 15.6-3 - Remove /var/run/postgresql -...

CVE-2024-32655

Npgsql is the .NET data provider for PostgreSQL. The WriteBind method in src/Npgsql/Internal/NpgsqlConnector.FrontendMessages.cs uses int variables to store the message length and the sum of parameter lengths. Both variables overflow when the sum of parameter lengths becomes too large. This cause...

ALSA-2024:0956 Important: postgresql:10 security update

PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

Important: Red Hat Security Advisory: rh-postgresql10-postgresql security update

An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

SUSE-SU-2023:4495-1 Security update for postgresql, postgresql15, postgresql16

This update for postgresql, postgresql15, postgresql16 fixes the following issues: This update ships postgresql 16. Security issues fixed: CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT 'any' aggregate functions. This error led to a text-type value being interpreted as an...

SUSE-SU-2023:4479-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Security issues fixed: CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT 'any' aggregate functions. This error led to a text-type value being interpreted as an unknown-type value that is, a zero-terminated string at runtime...

SUSE-SU-2023:4433-1 Security update for postgresql12

This update for postgresql12 fixes the following issues: Security issues fixed: CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT 'any' aggregate functions. This error led to a text-type value being interpreted as an unknown-type value that is, a zero-terminated string at runtime...

SUSE-SU-2023:4418-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Security issues fixed: CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT 'any' aggregate functions. This error led to a text-type value being interpreted as an unknown-type value that is, a zero-terminated string at runtime...

SUSE-SU-2023:3345-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: - Update to 13.12 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions. bsc1214059...

Moderate: Red Hat Security Advisory: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 7 : rh-postgresql12-postgresql (RHSA-2023:4313)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4313 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: schemaelement defeats protective...

CVE-2023-2455

Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security...

MGASA-2023-0187 Updated postgresql packages fix security vulnerability

CREATE SCHEMA ... schemaelement defeats protective searchpath changes. CVE-2023-2454 Row security policies disregard user ID changes after inlining. CVE-2023-2455...

SUSE-SU-2023:2219-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: Updated to version 13.11: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script bsc1211228. - CVE-2023-2455: Fixed an issue that coul...

FreeBSD : postgresql-server -- CREATE SCHEMA ... schema elements defeats protective search_path changes (fbb5a260-f00f-11ed-bbae-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fbb5a260-f00f-11ed-bbae-6cc21735f730 advisory. - CREATE SCHEMA ... schemaelement defeats protective searchpath changesmore details CVE-2023-2454 Note...

SUSE-SU-2023:2200-1 Security update for postgresql12

This update for postgresql12 fixes the following issues: Updated to version 12.15: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script bsc1211228. - CVE-2023-2455: Fixed an issue that coul...

SUSE CVE-2018-10915

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side...

DLA-3316-1 postgresql-11 - security update

Bulletin has no description...