CVE-2019-10130

Published: 30/07/2019 Updated: 30/09/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

It was discovered that PostgreSQL incorrectly handled partition routing. A remote user could possibly use this issue to read arbitrary bytes of server memory. This issue only affected Ubuntu 19.04. (CVE-2019-10129)

Vulnerable Product

postgresql postgresql

opensuse leap 15.1

Vendor Advisories

Dean Rasheed discovered that row security policies in the PostgreSQL database system could be bypassed. For additional information please refer to the upstream announcement at www.postgresql.org/about/news/1939/. For the stable distribution (stretch), this problem has been fixed in version 9.6.13-0+deb9u1. We recommend that you upgrade your ...
Synopsis: Important: postgresql:9.6 security update. Type/Severity: Security Advisory: Important. Topic: An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Com ...
Synopsis: Important: postgresql:10 security update. Type/Severity: Security Advisory: Important. Topic: An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Commo ...
Synopsis: Moderate: postgresql:10 security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability S ...
Synopsis: Important: postgresql:9.6 security update. Type/Severity: Security Advisory: Important. Topic: An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Com ...
Synopsis: Moderate: rh-postgresql96-postgresql security update. Type/Severity: Security Advisory: Moderate. Topic: An update for rh-postgresql96-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerabil ...
Synopsis: Important: postgresql:10 security update. Type/Severity: Security Advisory: Important. Topic: An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Importan ...
Synopsis: Important: postgresql:9.6 security update. Type/Severity: Security Advisory: Important. Topic: An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis: Important: postgresql:9.6 security update. Type/Severity: Security Advisory: Important. Topic: An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Import ...
PostgreSQL maintains column statistics for tables. Certain statistics, such as histograms and lists of most common values, contain values taken from the column. PostgreSQL does not evaluate row security policies before consulting those statistics during query planning; an attacker can exploit this to read the most common values of certain columns ...
PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user able to execute SQL queries with permissions to read a given column could craft a leaky operator that could read whatever data had been sampled from that column. If this happened ...