RHSA-2020:5664 - Security Advisory

Issued: 2020-12-22
Updated: 2020-12-22

Synopsis

Important: postgresql:10 security update

Type/Severity

Security Advisory: Important

Topic

An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: postgresql (10.15).

Security Fix(es):

  • postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694)
  • postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695)
  • postgresql: Stack-based buffer overflow via setting a password (CVE-2019-10164)
  • postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208)
  • postgresql: Uncontrolled search path element in logical replication (CVE-2020-14349)
  • postgresql: Uncontrolled search path element in CREATE EXTENSION (CVE-2020-14350)
  • postgresql: psql's \gset allows overwriting specially treated variables (CVE-2020-25696)
  • postgresql: Selectivity estimators bypass row security policies (CVE-2019-10130)
  • postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks (CVE-2020-1720)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.0 x86_64

Fixes

  • BZ - 1707109 - CVE-2019-10130 postgresql: Selectivity estimators bypass row security policies
  • BZ - 1719698 - CVE-2019-10164 postgresql: Stack-based buffer overflow via setting a password
  • BZ - 1734416 - CVE-2019-10208 postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution
  • BZ - 1798852 - CVE-2020-1720 postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
  • BZ - 1865744 - CVE-2020-14349 postgresql: Uncontrolled search path element in logical replication
  • BZ - 1865746 - CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION
  • BZ - 1894423 - CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings
  • BZ - 1894425 - CVE-2020-25695 postgresql: Multiple features escape "security restricted operation" sandbox
  • BZ - 1894430 - CVE-2020-25696 postgresql: psql's \gset allows overwriting specially treated variables

CVEs

  • CVE-2019-10130
  • CVE-2019-10164
  • CVE-2019-10208
  • CVE-2020-1720
  • CVE-2020-14349
  • CVE-2020-14350
  • CVE-2020-25694
  • CVE-2020-25695
  • CVE-2020-25696

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
