Is it safe to remove the 'postgresql-jdbc' package from a Red Hat Satellite 6.9 server?

Solution Verified - Updated -

Issue

  • CVE-2022-21724 is a remote code execution vulnerability which is present in postgresql-jdbc.
  • postgresql-jdbc is installed on our Red Hat Satellite 6.9 server. As Red Hat announces not to fix CVE-2022-21724 for RHEL 7.x, we need to know if it can be safely uninstalled.

Environment

  • Red Hat Satellite 6.9 server (upgraded from earlier releases of Satellite, freshly installed Satellite 6.9 servers are not affected).

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content