Red Hat Product Errata RHSA-2020:5661 - Security Advisory

Issued: 2020-12-22
Updated: 2020-12-22

Synopsis

Important: postgresql:9.6 security update

Type/Severity

Security Advisory: Important

Topic

An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: postgresql (9.6.20).

Security Fix(es):

  • postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694)
  • postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695)
  • postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208)
  • postgresql: Uncontrolled search path element in CREATE EXTENSION (CVE-2020-14350)
  • postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696)
  • postgresql: Selectivity estimators bypass row security policies (CVE-2019-10130)
  • postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks (CVE-2020-1720)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.0 x86_64

Fixes

  • BZ - 1707109 - CVE-2019-10130 postgresql: Selectivity estimators bypass row security policies
  • BZ - 1734416 - CVE-2019-10208 postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution
  • BZ - 1798852 - CVE-2020-1720 postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
  • BZ - 1865746 - CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION
  • BZ - 1894423 - CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings
  • BZ - 1894425 - CVE-2020-25695 postgresql: Multiple features escape "security restricted operation" sandbox
  • BZ - 1894430 - CVE-2020-25696 postgresql: psql's \gset allows overwriting specially treated variables

CVEs

  • CVE-2019-10130
  • CVE-2019-10208
  • CVE-2020-1720
  • CVE-2020-14350
  • CVE-2020-25694
  • CVE-2020-25695
  • CVE-2020-25696

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.0


Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.0


The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
