RLSA-2024:5929
Important: postgresql:16 security update
Topic
An update is available for pgaudit, postgresql, module.pgaudit, pg_repack, module.postgres-decoderbufs, module.pg_repack, postgres-decoderbufs, module.postgresql.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Description
PostgreSQL is an advanced object-relational database management system (DBMS).
Security Fix(es):
* postgresql: PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks (CVE-2024-4317)
* postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Rocky Linux 9
SRPMs
- pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.src.rpm
- pg_repack-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.src.rpm
- postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.src.rpm
- postgresql-0:16.4-1.module+el9.4.0+25517+42a2506b.src.rpm
RPMs
- pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- pgaudit-debuginfo-0:16.0-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- pgaudit-debuginfo-0:16.0-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- pgaudit-debuginfo-0:16.0-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- pgaudit-debuginfo-0:16.0-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- pgaudit-debugsource-0:16.0-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- pgaudit-debugsource-0:16.0-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- pgaudit-debugsource-0:16.0-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- pgaudit-debugsource-0:16.0-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- pg_repack-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.aarch64.rpm
- pg_repack-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.ppc64le.rpm
- pg_repack-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.s390x.rpm
- pg_repack-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.x86_64.rpm
- pg_repack-debuginfo-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.aarch64.rpm
- pg_repack-debuginfo-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.ppc64le.rpm
- pg_repack-debuginfo-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.s390x.rpm
- pg_repack-debuginfo-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.x86_64.rpm
- pg_repack-debugsource-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.aarch64.rpm
- pg_repack-debugsource-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.ppc64le.rpm
- pg_repack-debugsource-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.s390x.rpm
- pg_repack-debugsource-0:1.4.8-1.module+el9.4.0+25512+c6b50a48.x86_64.rpm
- postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-contrib-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-contrib-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-contrib-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-contrib-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-contrib-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-contrib-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-contrib-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-contrib-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-debugsource-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-debugsource-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-debugsource-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-debugsource-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-docs-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-docs-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-docs-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-docs-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-docs-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-docs-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-docs-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-docs-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-plperl-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-plperl-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-plperl-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-plperl-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-plperl-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-plperl-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-plperl-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-plperl-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-plpython3-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-plpython3-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-plpython3-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-plpython3-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-plpython3-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-plpython3-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-plpython3-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-plpython3-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-pltcl-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-pltcl-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-pltcl-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-pltcl-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-pltcl-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-pltcl-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-pltcl-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-pltcl-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-private-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-private-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-private-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-private-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-private-libs-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-private-libs-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-private-libs-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-private-libs-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-private-libs-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-private-libs-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-private-libs-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-private-libs-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-server-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-server-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-server-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-server-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-server-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-server-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-server-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-server-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-server-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-server-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-server-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-server-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-server-devel-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-server-devel-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-server-devel-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-server-devel-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-static-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-static-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-static-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-static-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-test-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-test-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-test-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-test-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-test-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-test-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-test-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-test-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-test-rpm-macros-0:16.4-1.module+el9.4.0+25517+42a2506b.noarch.rpm
- postgresql-upgrade-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-upgrade-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-upgrade-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-upgrade-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-upgrade-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-upgrade-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-upgrade-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-upgrade-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-upgrade-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-upgrade-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-upgrade-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-upgrade-devel-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
- postgresql-upgrade-devel-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.aarch64.rpm
- postgresql-upgrade-devel-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm
- postgresql-upgrade-devel-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.s390x.rpm
- postgresql-upgrade-devel-debuginfo-0:16.4-1.module+el9.4.0+25517+42a2506b.x86_64.rpm
Issued: 9/17/2024
Type: Security
Severity: Important
Affected Product
- Rocky Linux 9
Fixes
References
- No references