Product Errata

RLSA-2024:5929

Important: postgresql:16 security update

Topic

An update is available for pgaudit, postgresql, module.pgaudit, pg_repack, module.postgres-decoderbufs, module.pg_repack, postgres-decoderbufs, module.postgresql.

This update affects Rocky Linux 9.

A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

* postgresql: PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks (CVE-2024-4317)

* postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Issued: 9/17/2024

Type: Security

Severity: Important

Affected Product

  • Rocky Linux 9

References

  • No references