Issued:: 2024-02-26
Updated:: 2024-02-26

RHSA-2024:0988 - Security Advisory

Overview
Updated Packages

Synopsis

Important: rh-postgresql13-postgresql security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for rh-postgresql13-postgresql is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL (CVE-2024-0985)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

Affected Products

Red Hat Software Collections (for RHEL Server) 1 for RHEL 7 x86_64
Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7 s390x
Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7 ppc64le
Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7 x86_64

Fixes

BZ - 2263384 - CVE-2024-0985 postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL

CVEs

CVE-2024-0985

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Software Collections (for RHEL Server) 1 for RHEL 7

SRPM
rh-postgresql13-postgresql-13.14-1.el7.src.rpm	SHA-256: 8e56e18f5c0c03df568f61612e5adb31bfbc28ca26084ae8fae3087c966d536a
x86_64
rh-postgresql13-postgresql-13.14-1.el7.x86_64.rpm	SHA-256: ebe756bd1ce6875ae1f2badbf1f91225a0787be3991d4c6367505c7a2eb6c00b
rh-postgresql13-postgresql-contrib-13.14-1.el7.x86_64.rpm	SHA-256: 5a7fcd90662e6ca6c163e3aff289272f3368412c866bb4e8c5800ab5cad3b25a
rh-postgresql13-postgresql-contrib-syspaths-13.14-1.el7.x86_64.rpm	SHA-256: f605d2dced3be0732922253f41e71e0f9d33e59b75361dfbd733fd80c48ebb69
rh-postgresql13-postgresql-debuginfo-13.14-1.el7.x86_64.rpm	SHA-256: cce9b5174fe78cdc64d70087e44eb42ae255b2d86f6a039467e31fb201556e54
rh-postgresql13-postgresql-devel-13.14-1.el7.x86_64.rpm	SHA-256: 6e322ad9c2aa34be22179166f3e5bd7638b9373c38c7e5af4d4471ab4dea2270
rh-postgresql13-postgresql-docs-13.14-1.el7.x86_64.rpm	SHA-256: 5468ce34a9e12670e703b2202ce382dfd3cb794828ed60aa7a460a3454bdcf78
rh-postgresql13-postgresql-libs-13.14-1.el7.x86_64.rpm	SHA-256: db8585d078671a761348e52709b14dbbf05f74e664f77ffefc43fc01705b9028
rh-postgresql13-postgresql-plperl-13.14-1.el7.x86_64.rpm	SHA-256: 5eff89b6d9414ddac66f17e71c91f9366dc11813ae490ce03bab6efc2122ef05
rh-postgresql13-postgresql-plpython-13.14-1.el7.x86_64.rpm	SHA-256: d038f2a6f620ca34920c97cc3fd0bfe824f999f16ef62b324c1d49b7994b7d19
rh-postgresql13-postgresql-plpython3-13.14-1.el7.x86_64.rpm	SHA-256: 76467989f902f3d8c92f084ddc3d25fe9950c3c81c04cd7417e88a0d83607a68
rh-postgresql13-postgresql-pltcl-13.14-1.el7.x86_64.rpm	SHA-256: c236beca7f86c276a286d0a6cb1229859961bd9c6b92748c2a4bcf2ee3d7a7c3
rh-postgresql13-postgresql-server-13.14-1.el7.x86_64.rpm	SHA-256: 57a786117dcd6e6ab0163ba1389bbcf019cf4e0b09494d8a390078141b803618
rh-postgresql13-postgresql-server-syspaths-13.14-1.el7.x86_64.rpm	SHA-256: 82c48c90e0316a196bc6c2ba1ed4cb8b762962d75e82e9661a384973ffcfb1cc
rh-postgresql13-postgresql-static-13.14-1.el7.x86_64.rpm	SHA-256: 5641a5ea561096648a7e64d3fe4f575840ea1cebcfd8cfb19844b98ac1560b5b
rh-postgresql13-postgresql-syspaths-13.14-1.el7.x86_64.rpm	SHA-256: 8e4e725ed6b5e087d71483418608f6393955c807d6384441488418b39f111c55
rh-postgresql13-postgresql-test-13.14-1.el7.x86_64.rpm	SHA-256: 896a96eece52073fe7178c4df8ed3dafbeaca123f129f8aa335a2734844192ed

Red Hat Software Collections (for RHEL Server for System Z) 1 for RHEL 7

SRPM
rh-postgresql13-postgresql-13.14-1.el7.src.rpm	SHA-256: 8e56e18f5c0c03df568f61612e5adb31bfbc28ca26084ae8fae3087c966d536a
s390x
rh-postgresql13-postgresql-13.14-1.el7.s390x.rpm	SHA-256: 321603c18ab257b13201efe458dc534fd574bbee6faad07a1f1acf5c74f0422e
rh-postgresql13-postgresql-contrib-13.14-1.el7.s390x.rpm	SHA-256: 4ba2865915b10efc7292488915528373dea73a594f45fa39ba3d3edbd0f83a3c
rh-postgresql13-postgresql-contrib-syspaths-13.14-1.el7.s390x.rpm	SHA-256: 22aaa51448507f211c7e3f38415e853514aa2e1cabc6ae597436e8b1f03aa138
rh-postgresql13-postgresql-debuginfo-13.14-1.el7.s390x.rpm	SHA-256: ebc5a389ea7fd5bae4107b567b18d6ae94a3e3da0b823470dfa59a73dd694aab
rh-postgresql13-postgresql-devel-13.14-1.el7.s390x.rpm	SHA-256: 3c2765fd61f0469c1dd26033e8827bd7d8044414c731545744dd8b8eae5affc0
rh-postgresql13-postgresql-docs-13.14-1.el7.s390x.rpm	SHA-256: 0b4fd881ddeb1d12adf60070b5a303c0fdb81b8181b3ef5f991ce41c24e65ffa
rh-postgresql13-postgresql-libs-13.14-1.el7.s390x.rpm	SHA-256: f6076c233e1aa9fef343fb5b2c8e212340ebb30f31e27722043fdbd4ab6e1e6f
rh-postgresql13-postgresql-plperl-13.14-1.el7.s390x.rpm	SHA-256: 0c9af5195efc328720447395079a1ce7a4f3392780dd6cd07754b1405f1fc433
rh-postgresql13-postgresql-plpython-13.14-1.el7.s390x.rpm	SHA-256: b4d30fe702b2e0bdda28154beaeed4518f69c57cf2026311b5ade86f75bfc0b9
rh-postgresql13-postgresql-plpython3-13.14-1.el7.s390x.rpm	SHA-256: 764e10c075676e4eb8279a54073838062cc718bed335a7a87b5d80710cd2988d
rh-postgresql13-postgresql-pltcl-13.14-1.el7.s390x.rpm	SHA-256: 515333585594ab13ec456e624d539262d0e9ff617518d403f9cb9971b69aaefb
rh-postgresql13-postgresql-server-13.14-1.el7.s390x.rpm	SHA-256: 094724d3fca487ecf11d2d08e1d3c26f91486738144b9341220f2505b0914295
rh-postgresql13-postgresql-server-syspaths-13.14-1.el7.s390x.rpm	SHA-256: bb15df43653e424064c1181967dd67a67b099381bff5513ae7c3a6153bf08373
rh-postgresql13-postgresql-static-13.14-1.el7.s390x.rpm	SHA-256: d635e1e2a1baeb816a2504fd5adee5f82d64a8869da3c1c8c871a31395461868
rh-postgresql13-postgresql-syspaths-13.14-1.el7.s390x.rpm	SHA-256: 63c3ba0c0e78bbbb5d60758e41ddbe0ef3ae0bf3ed2b0fd7dec581497da1597b
rh-postgresql13-postgresql-test-13.14-1.el7.s390x.rpm	SHA-256: 0b85ca429f551a8a17a800a2d994c3479a607b588decc5fb3206dd2e79330938

Red Hat Software Collections (for RHEL Server for IBM Power LE) 1 for RHEL 7

SRPM
rh-postgresql13-postgresql-13.14-1.el7.src.rpm	SHA-256: 8e56e18f5c0c03df568f61612e5adb31bfbc28ca26084ae8fae3087c966d536a
ppc64le
rh-postgresql13-postgresql-13.14-1.el7.ppc64le.rpm	SHA-256: 66cda608b0067c9af58b7b7b807c80b3ac5c929c7d97a24fea5a8a4e2961eddf
rh-postgresql13-postgresql-contrib-13.14-1.el7.ppc64le.rpm	SHA-256: 537610a9808cbe726a24c76797891209baaaf4afa2a1b14943765610c9837d2a
rh-postgresql13-postgresql-contrib-syspaths-13.14-1.el7.ppc64le.rpm	SHA-256: 6a76c56af05b6e5f1634b1bde0f793f8dc21d130c894b43b315d0bd21f02179b
rh-postgresql13-postgresql-debuginfo-13.14-1.el7.ppc64le.rpm	SHA-256: ce5ac5fe43bcaabf5997d265de6edbe773c00ad3915dc1d6f5490a95fe41b68f
rh-postgresql13-postgresql-devel-13.14-1.el7.ppc64le.rpm	SHA-256: 47291c83a15e9da1e1efe3d935754c5e323e11a96441743d3aaf11b7e54b5e7a
rh-postgresql13-postgresql-docs-13.14-1.el7.ppc64le.rpm	SHA-256: 2dfb3bb60c76fb672dd5fe69711d78c4f3a4582a9d96d21591f1c9ee4fb74ed7
rh-postgresql13-postgresql-libs-13.14-1.el7.ppc64le.rpm	SHA-256: 15cccc0acc0ce8365cf460ce7f234e985875de4ec93736fc72ea5875882b67e2
rh-postgresql13-postgresql-plperl-13.14-1.el7.ppc64le.rpm	SHA-256: e5f3e17eefc9efd94f3d4c2c5a1d65be405f93a8eea754d88a9a0a654d597533
rh-postgresql13-postgresql-plpython-13.14-1.el7.ppc64le.rpm	SHA-256: ba8e57a60377db98220ca976cfc300bc1ce044f1073361fc0297c02539b2e1ca
rh-postgresql13-postgresql-plpython3-13.14-1.el7.ppc64le.rpm	SHA-256: d3c15a8c678ae2cafa90a4041827978ffffa0abbb92bdefc728e9c3b1cd7b71b
rh-postgresql13-postgresql-pltcl-13.14-1.el7.ppc64le.rpm	SHA-256: 0a704cae612b1ad2baabf7052d4de67e9e0bc9b4e5e464622b0c0f1407b63873
rh-postgresql13-postgresql-server-13.14-1.el7.ppc64le.rpm	SHA-256: abfe4108561a26dfd6736d129584a77903f1a813ec94a136bf28e5ae686907ba
rh-postgresql13-postgresql-server-syspaths-13.14-1.el7.ppc64le.rpm	SHA-256: 0a13162a60dfb122a48b36c9631a2a3ca1c8d1053db461af11f82a4f84def438
rh-postgresql13-postgresql-static-13.14-1.el7.ppc64le.rpm	SHA-256: 373a3504060a40c6aeba5ff39bd18e9d3a4f65499d208e05a08f9321f33a196f
rh-postgresql13-postgresql-syspaths-13.14-1.el7.ppc64le.rpm	SHA-256: 14cfeb761cbeb7bb14022dcd0f27ce2e62989d96f5eb1a8e10db577c33486310
rh-postgresql13-postgresql-test-13.14-1.el7.ppc64le.rpm	SHA-256: 6d815a1f55e455b65b5150091f1978a4dff85cd36ee32dcc53a3635e07094815

Red Hat Software Collections (for RHEL Workstation) 1 for RHEL 7

SRPM
rh-postgresql13-postgresql-13.14-1.el7.src.rpm	SHA-256: 8e56e18f5c0c03df568f61612e5adb31bfbc28ca26084ae8fae3087c966d536a
x86_64
rh-postgresql13-postgresql-13.14-1.el7.x86_64.rpm	SHA-256: ebe756bd1ce6875ae1f2badbf1f91225a0787be3991d4c6367505c7a2eb6c00b
rh-postgresql13-postgresql-contrib-13.14-1.el7.x86_64.rpm	SHA-256: 5a7fcd90662e6ca6c163e3aff289272f3368412c866bb4e8c5800ab5cad3b25a
rh-postgresql13-postgresql-contrib-syspaths-13.14-1.el7.x86_64.rpm	SHA-256: f605d2dced3be0732922253f41e71e0f9d33e59b75361dfbd733fd80c48ebb69
rh-postgresql13-postgresql-debuginfo-13.14-1.el7.x86_64.rpm	SHA-256: cce9b5174fe78cdc64d70087e44eb42ae255b2d86f6a039467e31fb201556e54
rh-postgresql13-postgresql-devel-13.14-1.el7.x86_64.rpm	SHA-256: 6e322ad9c2aa34be22179166f3e5bd7638b9373c38c7e5af4d4471ab4dea2270
rh-postgresql13-postgresql-docs-13.14-1.el7.x86_64.rpm	SHA-256: 5468ce34a9e12670e703b2202ce382dfd3cb794828ed60aa7a460a3454bdcf78
rh-postgresql13-postgresql-libs-13.14-1.el7.x86_64.rpm	SHA-256: db8585d078671a761348e52709b14dbbf05f74e664f77ffefc43fc01705b9028
rh-postgresql13-postgresql-plperl-13.14-1.el7.x86_64.rpm	SHA-256: 5eff89b6d9414ddac66f17e71c91f9366dc11813ae490ce03bab6efc2122ef05
rh-postgresql13-postgresql-plpython-13.14-1.el7.x86_64.rpm	SHA-256: d038f2a6f620ca34920c97cc3fd0bfe824f999f16ef62b324c1d49b7994b7d19
rh-postgresql13-postgresql-plpython3-13.14-1.el7.x86_64.rpm	SHA-256: 76467989f902f3d8c92f084ddc3d25fe9950c3c81c04cd7417e88a0d83607a68
rh-postgresql13-postgresql-pltcl-13.14-1.el7.x86_64.rpm	SHA-256: c236beca7f86c276a286d0a6cb1229859961bd9c6b92748c2a4bcf2ee3d7a7c3
rh-postgresql13-postgresql-server-13.14-1.el7.x86_64.rpm	SHA-256: 57a786117dcd6e6ab0163ba1389bbcf019cf4e0b09494d8a390078141b803618
rh-postgresql13-postgresql-server-syspaths-13.14-1.el7.x86_64.rpm	SHA-256: 82c48c90e0316a196bc6c2ba1ed4cb8b762962d75e82e9661a384973ffcfb1cc
rh-postgresql13-postgresql-static-13.14-1.el7.x86_64.rpm	SHA-256: 5641a5ea561096648a7e64d3fe4f575840ea1cebcfd8cfb19844b98ac1560b5b
rh-postgresql13-postgresql-syspaths-13.14-1.el7.x86_64.rpm	SHA-256: 8e4e725ed6b5e087d71483418608f6393955c807d6384441488418b39f111c55
rh-postgresql13-postgresql-test-13.14-1.el7.x86_64.rpm	SHA-256: 896a96eece52073fe7178c4df8ed3dafbeaca123f129f8aa335a2734844192ed

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation