- Issued:
- 2023-01-12
- Updated:
- 2023-01-12
RHSA-2023:0160 - Security Advisory
Synopsis
Moderate: rh-postgresql10-postgresql security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
PostgreSQL is an advanced object-relational database management system (DBMS).
The following packages have been upgraded to a later upstream version:
rh-postgresql10-postgresql (10.23).
Security Fix(es):
- postgresql: Extension scripts replace objects not belonging to the extension. (CVE-2022-2625)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- rh-postgresql10-postgresql: Update to the latest PostgreSQL version 10.23 (BZ#2157611)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
If the postgresql service is running, it will be automatically restarted after installing this update.
Affected Products
- Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
- Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
- Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
- Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64
Fixes
- BZ - 2113825 - CVE-2022-2625 postgresql: Extension scripts replace objects not belonging to the extension.
- BZ - 2157611 - rh-postgresql10-postgresql: Update to the latest PostgreSQL version 10.23 [rhscl-3.8.z]
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Software Collections (for RHEL Server) 1 for RHEL 7
| SRPM | |
|---|---|
| rh-postgresql10-postgresql-10.23-1.el7.src.rpm | SHA-256: a9016c7c733d380a5476508e8bfe7d0ef4cfdabb764f7d61de64b926ba87467d |
| x86_64 | |
| rh-postgresql10-postgresql-10.23-1.el7.x86_64.rpm | SHA-256: 9e8e137de06799180dcda9945ad969f97474c8d1de36c4d13c0c3c7a9d792025 |
| rh-postgresql10-postgresql-contrib-10.23-1.el7.x86_64.rpm | SHA-256: 50c4d2a5e03b9083146c5bf6457bf5e85699f25466c692919c5b85c3fd6f698b |
| rh-postgresql10-postgresql-contrib-syspaths-10.23-1.el7.x86_64.rpm | SHA-256: 819b433bd854c822822c4cde614e79412fb5643345ad34fa3346095abee28db8 |
| rh-postgresql10-postgresql-debuginfo-10.23-1.el7.x86_64.rpm | SHA-256: eca99649c1388b889f28e5aefd7258eaa39728cb02d51aa56db302cd03fbc6dd |
| rh-postgresql10-postgresql-devel-10.23-1.el7.x86_64.rpm | SHA-256: 2785082807d70a56c48e1d9705a61e92f637bf0727e882e5981a43aa9218beb7 |
| rh-postgresql10-postgresql-docs-10.23-1.el7.x86_64.rpm | SHA-256: 7287e787bce8ed2846c082fbaaa0a15d792ae37dcad67724d05d8159a6a3e6ed |
| rh-postgresql10-postgresql-libs-10.23-1.el7.x86_64.rpm | SHA-256: 13fd021d8e50d783f69e246cd3b922c2116d6b4238e937d3e5dcd31a6f07e084 |
| rh-postgresql10-postgresql-plperl-10.23-1.el7.x86_64.rpm | SHA-256: 4dc346633af3d9ef6b44e187020ba5e6ffa074680eceb4ab3e539a0ddd1935d4 |
| rh-postgresql10-postgresql-plpython-10.23-1.el7.x86_64.rpm | SHA-256: ddaa99baa1524419459149cc6189e6235ea34d939a47416a8b86cdf943059909 |
| rh-postgresql10-postgresql-pltcl-10.23-1.el7.x86_64.rpm | SHA-256: 65c937d1b09ba6e386a072c301cad9a0ccd6a8ba69664919afdfcee925611f4d |
| rh-postgresql10-postgresql-server-10.23-1.el7.x86_64.rpm | SHA-256: 564b2fe0a795de2065c4a219a67c01ccacbb7e858a6422acaa8a893cc4f643b4 |
| rh-postgresql10-postgresql-server-syspaths-10.23-1.el7.x86_64.rpm | SHA-256: 78d23898ec3c1a6f8bfe577634e480e6687a11eca0e10d755fb2839a7d60de02 |
| rh-postgresql10-postgresql-static-10.23-1.el7.x86_64.rpm | SHA-256: 61686f8cddb237cdccd6bbffb771c22a7ca0854322641d3ca235c63466782d4e |
| rh-postgresql10-postgresql-syspaths-10.23-1.el7.x86_64.rpm | SHA-256: cde1968ca15b24c42f5a51967b4a8a2dbaa2ad962de52959887ff0063bc55804 |
| rh-postgresql10-postgresql-test-10.23-1.el7.x86_64.rpm | SHA-256: 95ed1005a6f7a6028d1fb7a47a3efbf06ce22a6a473f5773e7d934b67fc1d8cf |
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7
| SRPM | |
|---|---|
| rh-postgresql10-postgresql-10.23-1.el7.src.rpm | SHA-256: a9016c7c733d380a5476508e8bfe7d0ef4cfdabb764f7d61de64b926ba87467d |
| s390x | |
| rh-postgresql10-postgresql-10.23-1.el7.s390x.rpm | SHA-256: af8537492b5e222bb9da33a9f134429e3a4a47adcc9ebc73d3089dc4144ac214 |
| rh-postgresql10-postgresql-contrib-10.23-1.el7.s390x.rpm | SHA-256: 397b0a7c2c509fdb28b9bc66f9dc0d22a8dda0d0f6cb55e7fdf83db1222242f9 |
| rh-postgresql10-postgresql-contrib-syspaths-10.23-1.el7.s390x.rpm | SHA-256: ae0041713fe436386c8f3fc6871ce71583ae997ee083c346ca92d1ad2d97da31 |
| rh-postgresql10-postgresql-debuginfo-10.23-1.el7.s390x.rpm | SHA-256: bc2754118c020d5478b535c889a0b92fe3a0e567b463037ada9c6a1e33e11f14 |
| rh-postgresql10-postgresql-devel-10.23-1.el7.s390x.rpm | SHA-256: fdf12904b623f6b46fe6ca58534340b06509977b116126aa700a75b8db2ca93d |
| rh-postgresql10-postgresql-docs-10.23-1.el7.s390x.rpm | SHA-256: f037a2c8d0fa74c0289fa815d08c6fb05c5728b88e5f5dc0a4d2fd87bab6fd71 |
| rh-postgresql10-postgresql-libs-10.23-1.el7.s390x.rpm | SHA-256: c44cca713734714538a3005d0a3ba41daf6eda28333731479838137dbd36663d |
| rh-postgresql10-postgresql-plperl-10.23-1.el7.s390x.rpm | SHA-256: 7ded767983f0fd180379e5f5d78445d4ca2c16d08299f0377d9d3deeddcd092c |
| rh-postgresql10-postgresql-plpython-10.23-1.el7.s390x.rpm | SHA-256: 7666cde9bf161f8eca8de4fa93474be9ed03ad2293bc6a265ef2dcfbce922923 |
| rh-postgresql10-postgresql-pltcl-10.23-1.el7.s390x.rpm | SHA-256: 91eb6d5a2f6a220d10dfe13256ca88e45ba0bfdf4d818bb5adfac33c725d7535 |
| rh-postgresql10-postgresql-server-10.23-1.el7.s390x.rpm | SHA-256: 4bda45bed83e94085d214d00ca0a0b636f8549494caafa7821e3164caab95a6d |
| rh-postgresql10-postgresql-server-syspaths-10.23-1.el7.s390x.rpm | SHA-256: 787a0695ba91fe27e5f035b8507b58bd06ca8adae75080c2f76de5c445782291 |
| rh-postgresql10-postgresql-static-10.23-1.el7.s390x.rpm | SHA-256: 1e289ec54e74433febba2a79aee749da9188889c0bf4d16fcc9258f591c9fbae |
| rh-postgresql10-postgresql-syspaths-10.23-1.el7.s390x.rpm | SHA-256: 37efedd8568471c57c7b1d5cd986efb54902eb02019a604dda7c1d4fd8e8dbeb |
| rh-postgresql10-postgresql-test-10.23-1.el7.s390x.rpm | SHA-256: 0c8c206e27ce9308bea4f70db28f44093c6cc65a80bd679e9351870d3580cb2d |
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7
| SRPM | |
|---|---|
| rh-postgresql10-postgresql-10.23-1.el7.src.rpm | SHA-256: a9016c7c733d380a5476508e8bfe7d0ef4cfdabb764f7d61de64b926ba87467d |
| ppc64le | |
| rh-postgresql10-postgresql-10.23-1.el7.ppc64le.rpm | SHA-256: 3a975bd0df861487042a234a4d0bbb68856d5cbeb67c5826a97aefd444ea705c |
| rh-postgresql10-postgresql-contrib-10.23-1.el7.ppc64le.rpm | SHA-256: c2250f60b815defcd8379cb63e1ea3c7073af8ed35b75f3dc9dcb002551fae00 |
| rh-postgresql10-postgresql-contrib-syspaths-10.23-1.el7.ppc64le.rpm | SHA-256: 58aa16ce0eaa60d74fc29422dbbe3ebff0f5a490c15f48050a6b0ab4e88f9a0e |
| rh-postgresql10-postgresql-debuginfo-10.23-1.el7.ppc64le.rpm | SHA-256: b819a3d165143edd6283e8c43d029af2d61e06519fb2a02d9f03d91bbaf93cd2 |
| rh-postgresql10-postgresql-devel-10.23-1.el7.ppc64le.rpm | SHA-256: 1cd40e1dc4a2cabbde656ddbe9c1f022aabc20750393d21caeed9ad8d398fbfe |
| rh-postgresql10-postgresql-docs-10.23-1.el7.ppc64le.rpm | SHA-256: ba6a8e4781b89f30da58e84806d986e0dfe1ad86666ce8e335d4e0b550eaeab8 |
| rh-postgresql10-postgresql-libs-10.23-1.el7.ppc64le.rpm | SHA-256: 2e36bf7f18cd587c570339c06b37220ab80fa2d78f868d7006590ba2818d6526 |
| rh-postgresql10-postgresql-plperl-10.23-1.el7.ppc64le.rpm | SHA-256: 2e48e0649b741657737406537adf368fd705e3c8428f4ae36b30142199109e6b |
| rh-postgresql10-postgresql-plpython-10.23-1.el7.ppc64le.rpm | SHA-256: 3938a0b02c25c808c434635dd9e6d9d8ace897f0845cde20dc97c36745dc8430 |
| rh-postgresql10-postgresql-pltcl-10.23-1.el7.ppc64le.rpm | SHA-256: 557d8c5805558f8c470e0673bdd9c2fb4fcb8ec431686c51ed42bdb9b0e0508e |
| rh-postgresql10-postgresql-server-10.23-1.el7.ppc64le.rpm | SHA-256: 24de036895da83e764f5b0623a96f969103d8806c5fed7bb44386d821ebb2377 |
| rh-postgresql10-postgresql-server-syspaths-10.23-1.el7.ppc64le.rpm | SHA-256: 07defd5c53809d2ffebdb084f39e96a40fff505a7b42e58f24a856b1fda4b780 |
| rh-postgresql10-postgresql-static-10.23-1.el7.ppc64le.rpm | SHA-256: 544282847f4d9fc629b6aad77bab0ae6a341e8b9fd0a8f4aa044a0480b1aa77c |
| rh-postgresql10-postgresql-syspaths-10.23-1.el7.ppc64le.rpm | SHA-256: 4bbba2a2c9b465671a078a2bd18c4a72a14c31fe380cd234d1d70b423bf9b0e5 |
| rh-postgresql10-postgresql-test-10.23-1.el7.ppc64le.rpm | SHA-256: de4bc7ff09d29df834a411b7cf29b4f6e46c8048fc440428a424857b7e6ca685 |
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7
| SRPM | |
|---|---|
| rh-postgresql10-postgresql-10.23-1.el7.src.rpm | SHA-256: a9016c7c733d380a5476508e8bfe7d0ef4cfdabb764f7d61de64b926ba87467d |
| x86_64 | |
| rh-postgresql10-postgresql-10.23-1.el7.x86_64.rpm | SHA-256: 9e8e137de06799180dcda9945ad969f97474c8d1de36c4d13c0c3c7a9d792025 |
| rh-postgresql10-postgresql-contrib-10.23-1.el7.x86_64.rpm | SHA-256: 50c4d2a5e03b9083146c5bf6457bf5e85699f25466c692919c5b85c3fd6f698b |
| rh-postgresql10-postgresql-contrib-syspaths-10.23-1.el7.x86_64.rpm | SHA-256: 819b433bd854c822822c4cde614e79412fb5643345ad34fa3346095abee28db8 |
| rh-postgresql10-postgresql-debuginfo-10.23-1.el7.x86_64.rpm | SHA-256: eca99649c1388b889f28e5aefd7258eaa39728cb02d51aa56db302cd03fbc6dd |
| rh-postgresql10-postgresql-devel-10.23-1.el7.x86_64.rpm | SHA-256: 2785082807d70a56c48e1d9705a61e92f637bf0727e882e5981a43aa9218beb7 |
| rh-postgresql10-postgresql-docs-10.23-1.el7.x86_64.rpm | SHA-256: 7287e787bce8ed2846c082fbaaa0a15d792ae37dcad67724d05d8159a6a3e6ed |
| rh-postgresql10-postgresql-libs-10.23-1.el7.x86_64.rpm | SHA-256: 13fd021d8e50d783f69e246cd3b922c2116d6b4238e937d3e5dcd31a6f07e084 |
| rh-postgresql10-postgresql-plperl-10.23-1.el7.x86_64.rpm | SHA-256: 4dc346633af3d9ef6b44e187020ba5e6ffa074680eceb4ab3e539a0ddd1935d4 |
| rh-postgresql10-postgresql-plpython-10.23-1.el7.x86_64.rpm | SHA-256: ddaa99baa1524419459149cc6189e6235ea34d939a47416a8b86cdf943059909 |
| rh-postgresql10-postgresql-pltcl-10.23-1.el7.x86_64.rpm | SHA-256: 65c937d1b09ba6e386a072c301cad9a0ccd6a8ba69664919afdfcee925611f4d |
| rh-postgresql10-postgresql-server-10.23-1.el7.x86_64.rpm | SHA-256: 564b2fe0a795de2065c4a219a67c01ccacbb7e858a6422acaa8a893cc4f643b4 |
| rh-postgresql10-postgresql-server-syspaths-10.23-1.el7.x86_64.rpm | SHA-256: 78d23898ec3c1a6f8bfe577634e480e6687a11eca0e10d755fb2839a7d60de02 |
| rh-postgresql10-postgresql-static-10.23-1.el7.x86_64.rpm | SHA-256: 61686f8cddb237cdccd6bbffb771c22a7ca0854322641d3ca235c63466782d4e |
| rh-postgresql10-postgresql-syspaths-10.23-1.el7.x86_64.rpm | SHA-256: cde1968ca15b24c42f5a51967b4a8a2dbaa2ad962de52959887ff0063bc55804 |
| rh-postgresql10-postgresql-test-10.23-1.el7.x86_64.rpm | SHA-256: 95ed1005a6f7a6028d1fb7a47a3efbf06ce22a6a473f5773e7d934b67fc1d8cf |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
