Vulnerabilities Details

  • Home
  • Vulnerabilities Details

ZMC-2021.12.23.1700

postgresql: Multiple vulnerabilitiess

Operating System:

[WIN][UNIX/LINUX]

Published:

23th December 2021

VulnerabilitiesZMC-2021.12.23.1700 


=========================================================================== 
                         ZMCIRT Vulnerability Bulletin

                             ZMC-2021.12.23.1700
                       postgresql: Multiple vulnerabilitiess
                               23th December 2021

===========================================================================


Product:           postgresql
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Provide Misleading Information -- Remote/Unauthenticated
                   Access Confidential Data       -- Remote/Unauthenticated
                   Reduced Security               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-23214 CVE-2021-3677 

Reference:         ESB-2021.4275
                   ESB-2021.4239
                   ESB-2021.3972
                   ESB-2021.3962

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2021:5236
   https://access.redhat.com/errata/RHSA-2021:5235

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: postgresql:13 security update
Advisory ID:       RHSA-2021:5236-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:5236
Issue date:        2021-12-21
CVE Names:         CVE-2021-3677 CVE-2021-23214 
=====================================================================

1. Summary:

An update for the postgresql:13 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (13.5).

Security Fix(es):

* postgresql: memory disclosure in certain queries (CVE-2021-3677)

* postgresql: server processes unencrypted bytes from man-in-the-middle
(CVE-2021-23214)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2001857 - CVE-2021-3677 postgresql: memory disclosure in certain queries
2022666 - CVE-2021-23214 postgresql: server processes unencrypted bytes from man-in-the-middle

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.src.rpm
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.src.rpm
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.src.rpm
postgresql-13.5-1.module+el8.5.0+13344+8c0fd184.src.rpm

aarch64:
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm
postgresql-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-contrib-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-contrib-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-debugsource-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-docs-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-docs-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-plperl-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-plperl-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-plpython3-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-plpython3-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-pltcl-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-pltcl-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-server-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-server-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-server-devel-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-server-devel-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-static-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-test-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-test-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-upgrade-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-upgrade-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-upgrade-devel-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm
postgresql-upgrade-devel-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.aarch64.rpm

noarch:
postgresql-test-rpm-macros-13.5-1.module+el8.5.0+13344+8c0fd184.noarch.rpm

ppc64le:
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm
postgresql-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-contrib-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-contrib-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-debugsource-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-docs-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-docs-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-plperl-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-plperl-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-plpython3-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-plpython3-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-pltcl-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-pltcl-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-server-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-server-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-server-devel-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-server-devel-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-static-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-test-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-test-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-upgrade-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-upgrade-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-upgrade-devel-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm
postgresql-upgrade-devel-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.ppc64le.rpm

s390x:
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm
postgresql-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-contrib-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-contrib-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-debugsource-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-docs-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-docs-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-plperl-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-plperl-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-plpython3-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-plpython3-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-pltcl-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-pltcl-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-server-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-server-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-server-devel-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-server-devel-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-static-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-test-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-test-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-upgrade-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-upgrade-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-upgrade-devel-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm
postgresql-upgrade-devel-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.s390x.rpm

x86_64:
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm
postgresql-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-contrib-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-contrib-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-debugsource-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-docs-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-docs-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-plperl-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-plperl-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-plpython3-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-plpython3-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-pltcl-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-pltcl-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-server-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-server-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-server-devel-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-server-devel-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-static-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-test-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-test-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-upgrade-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-upgrade-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-upgrade-devel-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm
postgresql-upgrade-devel-debuginfo-13.5-1.module+el8.5.0+13344+8c0fd184.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3677
https://access.redhat.com/security/cve/CVE-2021-23214
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYcHbKtzjgjWX9erEAQjsLw/9G3k/gaEO5sDrXqh9c+PzL9bl6mb+Vkjb
afWQKY+yoPyTc60eil2ntRu8FBYUKJzUUKl0seexGBgsQ4LRWMZxwXbGy95wXPJw
arNiJtJTOR4MPzG2ymFfiTohBA8yRDIpcSJsTv5ZLGJtVDuSrAU49mUJdNIxJLuu
ViWs2FpqVMT0B6xO3SxUNSPR7PHZHtT7DpxsnQnlKYXFEQ0a7k+ee97MQ6n5uL4r
FjuzIXzp/wVoxh60A5TJZRMKWqOd1hfzAyBRcUTtMkHpJeGfMNTWW4zWyKAQN7IK
cf1R0wiIBxyU1UqXLAiHGUNhEa2DNyjID6w0cjJU2dDq6hb0aq09Dv2fKD8XNMud
lAgi5/G1KV86vV41htDGEQ2xtMKhdm501r6m8F3RQh+Sawtfl/KeFcLNlhcYRlyU
dWPdZKx+oiCKyTAiqCKxFZXjh85d460LcK1qOqroL7OgNqVUH2e6Zy021M94/ZF9
1HHhx7XfOiwiXmYIbGBiI+1cJHCzwkxcnd/LWABigIO7UIVvK+cqVvI1SFK/wyKt
ZbDJVRuvlnd8MeedbyGKlANl41udMferNKLsEhgmVp8eQ38NC2zt/OZ/Qi9Lcbgz
z1Z+VFME4a/gLjyS08zDwMnUFCLegxjCdaaOIp57Eoyf9JUKCJK66k/xLm4toZHp
U+iY8fkVqVI=
=SjYb
- -----END PGP SIGNATURE-----

- ----------------------------------------------------------------------------------------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: postgresql:12 security update
Advisory ID:       RHSA-2021:5235-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:5235
Issue date:        2021-12-21
CVE Names:         CVE-2021-3677 CVE-2021-23214 
=====================================================================

1. Summary:

An update for the postgresql:12 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system
(DBMS).

The following packages have been upgraded to a later upstream version:
postgresql (12.9).

Security Fix(es):

* postgresql: memory disclosure in certain queries (CVE-2021-3677)

* postgresql: server processes unencrypted bytes from man-in-the-middle
(CVE-2021-23214)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2001857 - CVE-2021-3677 postgresql: memory disclosure in certain queries
2022666 - CVE-2021-23214 postgresql: server processes unencrypted bytes from man-in-the-middle

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.src.rpm
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.src.rpm
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.src.rpm
postgresql-12.9-1.module+el8.5.0+13373+4554acc4.src.rpm

aarch64:
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.aarch64.rpm
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11354+78b3c9c5.aarch64.rpm
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11354+78b3c9c5.aarch64.rpm
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.aarch64.rpm
pgaudit-debuginfo-1.4.0-5.module+el8.5.0+11354+78b3c9c5.aarch64.rpm
pgaudit-debugsource-1.4.0-5.module+el8.5.0+11354+78b3c9c5.aarch64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.aarch64.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.5.0+11354+78b3c9c5.aarch64.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.5.0+11354+78b3c9c5.aarch64.rpm
postgresql-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-contrib-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-contrib-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-debugsource-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-docs-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-docs-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-plperl-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-plperl-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-plpython3-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-plpython3-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-pltcl-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-pltcl-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-server-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-server-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-server-devel-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-server-devel-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-static-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-test-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-test-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-upgrade-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-upgrade-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-upgrade-devel-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm
postgresql-upgrade-devel-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.aarch64.rpm

noarch:
postgresql-test-rpm-macros-12.9-1.module+el8.5.0+13373+4554acc4.noarch.rpm

ppc64le:
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm
pgaudit-debuginfo-1.4.0-5.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm
pgaudit-debugsource-1.4.0-5.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm
postgresql-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-contrib-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-contrib-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-debugsource-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-docs-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-docs-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-plperl-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-plperl-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-plpython3-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-plpython3-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-pltcl-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-pltcl-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-server-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-server-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-server-devel-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-server-devel-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-static-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-test-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-test-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-upgrade-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-upgrade-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-upgrade-devel-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm
postgresql-upgrade-devel-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.ppc64le.rpm

s390x:
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.s390x.rpm
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11354+78b3c9c5.s390x.rpm
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11354+78b3c9c5.s390x.rpm
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.s390x.rpm
pgaudit-debuginfo-1.4.0-5.module+el8.5.0+11354+78b3c9c5.s390x.rpm
pgaudit-debugsource-1.4.0-5.module+el8.5.0+11354+78b3c9c5.s390x.rpm
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.s390x.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.5.0+11354+78b3c9c5.s390x.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.5.0+11354+78b3c9c5.s390x.rpm
postgresql-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-contrib-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-contrib-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-debugsource-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-docs-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-docs-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-plperl-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-plperl-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-plpython3-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-plpython3-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-pltcl-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-pltcl-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-server-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-server-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-server-devel-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-server-devel-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-static-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-test-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-test-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-upgrade-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-upgrade-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-upgrade-devel-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm
postgresql-upgrade-devel-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.s390x.rpm

x86_64:
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.x86_64.rpm
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11354+78b3c9c5.x86_64.rpm
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11354+78b3c9c5.x86_64.rpm
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.x86_64.rpm
pgaudit-debuginfo-1.4.0-5.module+el8.5.0+11354+78b3c9c5.x86_64.rpm
pgaudit-debugsource-1.4.0-5.module+el8.5.0+11354+78b3c9c5.x86_64.rpm
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.x86_64.rpm
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.5.0+11354+78b3c9c5.x86_64.rpm
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.5.0+11354+78b3c9c5.x86_64.rpm
postgresql-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-contrib-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-contrib-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-debugsource-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-docs-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-docs-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-plperl-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-plperl-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-plpython3-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-plpython3-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-pltcl-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-pltcl-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-server-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-server-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-server-devel-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-server-devel-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-static-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-test-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-test-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-upgrade-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-upgrade-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-upgrade-devel-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm
postgresql-upgrade-devel-debuginfo-12.9-1.module+el8.5.0+13373+4554acc4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3677
https://access.redhat.com/security/cve/CVE-2021-23214
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/


- --------------------------END INCLUDED TEXT--------------------





 
ZMCIRT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. ZMCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Internet Email: report@cirt.zm     
Telephone:     7070 
                ZMCIRT personnel answer during Zambian business hours 
                which are 8am to 5pm.
                On call after hours for member emergencies only.
===========================================================================

Copyright @2023 ZAMBIA CIRT