RLSA-2024:10788

Security

Mirrored from RHSA-2024:10788

Issued at: 2024-12-19

Updated at: 2024-12-19

Synopsis

Important: postgresql:16 security update

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

* postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID (CVE-2024-10978)

* postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code (CVE-2024-10979)

* postgresql: PostgreSQL row security below e.g. subqueries disregards user ID changes (CVE-2024-10976)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 9 aarch64

Rocky Linux 9 ppc64le

Rocky Linux 9 s390x

Rocky Linux 9 x86_64

Fixes

2326251

2326253

2326263

CVEs

CVE-2024-10976

CVE-2024-10978

CVE-2024-10979

Affected packages

Rocky Linux 9 aarch64 - AppStream

pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.aarch64.rpm

pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.src.rpm

pgaudit-debuginfo-0:16.0-1.module+el9.4.0+25517+42a2506b.aarch64.rpm

pgaudit-debugsource-0:16.0-1.module+el9.4.0+25517+42a2506b.aarch64.rpm

postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.aarch64.rpm

postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.src.rpm

postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.aarch64.rpm

postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.aarch64.rpm

Rocky Linux 9 ppc64le - AppStream

pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm

pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.src.rpm

pgaudit-debuginfo-0:16.0-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm

pgaudit-debugsource-0:16.0-1.module+el9.4.0+25517+42a2506b.ppc64le.rpm

postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.ppc64le.rpm

postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.src.rpm

postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.ppc64le.rpm

postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.ppc64le.rpm

Rocky Linux 9 s390x - AppStream

pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.s390x.rpm

pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.src.rpm

pgaudit-debuginfo-0:16.0-1.module+el9.4.0+25517+42a2506b.s390x.rpm

pgaudit-debugsource-0:16.0-1.module+el9.4.0+25517+42a2506b.s390x.rpm

postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.s390x.rpm

postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.src.rpm

postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.s390x.rpm

postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.s390x.rpm

Rocky Linux 9 x86_64 - AppStream

pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.src.rpm

pgaudit-0:16.0-1.module+el9.4.0+25517+42a2506b.x86_64.rpm

pgaudit-debuginfo-0:16.0-1.module+el9.4.0+25517+42a2506b.x86_64.rpm

pgaudit-debugsource-0:16.0-1.module+el9.4.0+25517+42a2506b.x86_64.rpm

postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.src.rpm

postgres-decoderbufs-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.x86_64.rpm

postgres-decoderbufs-debuginfo-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.x86_64.rpm

postgres-decoderbufs-debugsource-0:2.4.0-1.Final.module+el9.4.0+25517+42a2506b.x86_64.rpm