Red Hat Product Errata RHSA-2020:5661 - Security Advisory
Issued: 2020-12-22
Updated: 2020-12-22


Synopsis

Important: postgresql:9.6 security update

Type/Severity

Security Advisory: Important

Topic

An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: postgresql (9.6.20).

Security Fix(es):

  • postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694)
  • postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695)
  • postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208)
  • postgresql: Uncontrolled search path element in CREATE EXTENSION (CVE-2020-14350)
  • postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696)
  • postgresql: Selectivity estimators bypass row security policies (CVE-2019-10130)
  • postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks (CVE-2020-1720)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.0 x86_64

Fixes

  • BZ - 1707109 - CVE-2019-10130 postgresql: Selectivity estimators bypass row security policies
  • BZ - 1734416 - CVE-2019-10208 postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution
  • BZ - 1798852 - CVE-2020-1720 postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
  • BZ - 1865746 - CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION
  • BZ - 1894423 - CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings
  • BZ - 1894425 - CVE-2020-25695 postgresql: Multiple features escape "security restricted operation" sandbox
  • BZ - 1894430 - CVE-2020-25696 postgresql: psql's \gset allows overwriting specially treated variables

CVEs

  • CVE-2019-10130
  • CVE-2019-10208
  • CVE-2020-1720
  • CVE-2020-14350
  • CVE-2020-25694
  • CVE-2020-25695
  • CVE-2020-25696

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.0

SRPM
postgresql-9.6.20-1.module+el8.0.0+9157+356b8def.src.rpm SHA-256: 0f5aa81c82e161d2cd29b47c26b64650459663ce5f21d51ad7ed92a7038ce4ad
ppc64le
postgresql-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 9e997bc214f9f5f499d1c2266afd50c5ff42dfc0cd1529b6f0796355e2ca10e4
postgresql-contrib-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: d6d5308392c8fafcd40bc2a12c90dafb23bc4a6f7b80f79e0b5968ead9d79e43
postgresql-contrib-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 298a71d9d6de6f69fca7207051b966e80259bbd3027b8dea71cb893448f81b7c
postgresql-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 9f31e501e4ce37415e8e79a5f7d360ed3907f0f97d1654020a6ce217a2a6b9be
postgresql-debugsource-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 165e74e6a72f2ec3e9a57343bf5e3185558f381554f463a95f5145d140b89c9a
postgresql-docs-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: d72ac4f523b974ee3ee84bd1a43d349046f13c0b7518ee183aac37d24e2d92a0
postgresql-docs-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: f9ad4d49b7744b0cf7c1789b58f851d57791f5377f40dfb527faeac66451e598
postgresql-plperl-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: f8ddabeb852fc37075736aec080373aaf9904c69396d8e97f2fc49b1c44265ce
postgresql-plperl-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: adceebeec8acf319a18ccc6f955be33140db69ef74bc411ee107b84bba28fc3e
postgresql-plpython3-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: e56ce5edeab59a39e76fa275cb79c8b0f225ca654f2d95d65fa23f5d083e80d3
postgresql-plpython3-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 8c9577ad55564a4f6c0f3d0dbcebb3a1de13dab276eab6a355366553a7fd4e0a
postgresql-pltcl-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: ed1d16c4c0c25be6f06945c737ccd3824d9bd18ad722da76fe032f3acdb0efb4
postgresql-pltcl-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 161bd6837a4e9c36d2e51c01efab96872f3ff40304b08dcfda6077cd503c0fec
postgresql-server-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 168b43ac6692e014a421327a573b0bc6c2f0fe24d51136456276bf27a10c149a
postgresql-server-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: f8b8e94967aaf474386567cc0d717c2b7d654b50a0f50583d6fee617dd79eab2
postgresql-server-devel-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 682050d72064c22b7137ce91030d663c748574adbc7435c6751288edddd601aa
postgresql-server-devel-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 2dca0874e3f975b55d7e052b8bb647d353809c29b682b9f09c94c9777965d848
postgresql-static-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 2eb5fc07ac33a51baab72e13b2a4fa3306dd9e427a3538c77a9cf3b6a8249d88
postgresql-test-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: e7a2ce0ab3236bde64e86aba9fa0fd02b46dc8568692074c37a5d780a9e29994
postgresql-test-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: 7e3e55df464b8a53667ced53bed070ba314c6f96c156f560598ec34a7f039366
postgresql-test-rpm-macros-9.6.20-1.module+el8.0.0+9157+356b8def.ppc64le.rpm SHA-256: d10dedddc7c335d9c70b4bbc7bdb2e06bed4bca1f73e92b7d2b872bda5c06f92

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.0

SRPM
postgresql-9.6.20-1.module+el8.0.0+9157+356b8def.src.rpm SHA-256: 0f5aa81c82e161d2cd29b47c26b64650459663ce5f21d51ad7ed92a7038ce4ad
x86_64
postgresql-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 32061389371b8a428902ea852a034f49b9f9fdebea34784ce9046841f2b43ad3
postgresql-contrib-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 04e3e2b972dbb0867c1aab9ab5f293afa3c942939182958f0bff41cf24c23a4b
postgresql-contrib-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: bd5cfdc1527f2562e8c59ec9000f16fa25430a2efe1fb53597affc4a8b681473
postgresql-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 9159913778fe4a7f59f37866307092673bb9e7b0dc0198586dcaea6b4ef07e3d
postgresql-debugsource-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 535843bf91d19e32d2de6bbc8afab960579d230b81d771170f65af11944d289f
postgresql-docs-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 076e125c6b976f0432e20e2a1e82ac73694283ab2446f1ed765d869fb8efd7cb
postgresql-docs-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: e8f0665c363111ae5c68f520961cbd0b84f21055855867ce7e128e0c579f10e1
postgresql-plperl-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 5993b7cfb16b9f481029aac7f259b3feccc81951f78b344f60c118a664ea94b7
postgresql-plperl-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: f50d14833b7655097a08c47f95e1834211e88eeb43d74fb99c92dae8f5bf70ec
postgresql-plpython3-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 2f3c0337e9d999e039e15603d7d5a7da63b0e301da8d7a1bdc17641214959cef
postgresql-plpython3-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 8a07ee1ed5158dcee665b44cd8be78435db3da445fccec1d9fef456d6538279d
postgresql-pltcl-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: cc52c9a533333f1dc244658f19e4d6559589182b669da5be8338fe47e6c5db7e
postgresql-pltcl-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 6f242dc11947f16d8890c3086a06091ef27355a702f29888d405d97ff51bb326
postgresql-server-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 18c726fe1db85eed32fbacca30268c57edcb67d45eeb2c5c2fa2a83ee3e90e8b
postgresql-server-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 25822728612037d02bb20d31636479a8755506b7ddd37a2911e23e425b45f099
postgresql-server-devel-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 5a3bf4be679039da3a753a05be5316180023b86d399d5fc6012cbd7740ac0f37
postgresql-server-devel-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: d799a6467094cf44de20661f727e33580b8c21e4436b06b81fc32e1ab73ffe32
postgresql-static-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 32468b14c745145f3629a55ffbe921560f070032a67c5293e2c719936f6ff81e
postgresql-test-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 55aff9fb3535ffeb834395ae6326ced7613894c665bc733887a6acf1967a2a95
postgresql-test-debuginfo-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: d3a09b68d8cb54d0624702ee308da44158c676b66e0571371d68ce7ec565b0ac
postgresql-test-rpm-macros-9.6.20-1.module+el8.0.0+9157+356b8def.x86_64.rpm SHA-256: 436566aeffec429ee6097987a54ef30002e6f3ba4d87091c22951aa7f4997e88

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
