alsa-2021:2360
Vulnerability from osv_almalinux
Published
2021-06-09 11:21
Modified
2021-06-09 11:21
Summary
Important: postgresql:9.6 security update
Details
PostgreSQL is an advanced object-relational database management system (DBMS).
The following packages have been upgraded to a later upstream version: postgresql (9.6.22)
Security Fix(es):
-
postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)
-
postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-contrib"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-contrib"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-contrib"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-docs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-docs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-docs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-plperl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-plperl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-plperl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-plpython3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-plpython3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-plpython3"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-pltcl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-pltcl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-pltcl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-server"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-server-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-server-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-server-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-static"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-static"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-static"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-test"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-test"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-test"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-test-rpm-macros"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2479+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-test-rpm-macros"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.5.0+58+52470387"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "postgresql-test-rpm-macros"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.6.22-1.module_el8.4.0+2492+beebcf7e"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe following packages have been upgraded to a later upstream version: postgresql (9.6.22)\n\nSecurity Fix(es):\n\n* postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027)\n\n* postgresql: Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE (CVE-2021-32028)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"id": "ALSA-2021:2360",
"modified": "2021-06-09T11:21:04Z",
"published": "2021-06-09T11:21:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2021-2360.html"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2021-32027"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2021-32028"
}
],
"related": [
"CVE-2021-32027",
"CVE-2021-32028"
],
"summary": "Important: postgresql:9.6 security update"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…