Debian Bug report logs -
#1056283
postgresql-15: CVE-2023-5868 CVE-2023-5869 CVE-2023-5870
Package:
src:postgresql-15;
Maintainer for src:postgresql-15 is Debian PostgreSQL Maintainers <team+postgresql@trackerdebianorg>;
Reported by: Moritz Mühlenhoff <jmm@inutilorg>
Date: Sun, 19 Nov 2023 20:00:01 UTC
Severity: ...
Several vulnerabilities have been discovered in the PostgreSQL
database system
CVE-2023-5868
Jingzhou Fu discovered a memory disclosure flaw in aggregate
function calls
CVE-2023-5869
Pedro Gallegos reported integer overflow flaws resulting in buffer
overflows in the array modification functions
CVE-2023-5870
Hemanth Sandrana ...
Several vulnerabilities have been discovered in the PostgreSQL
database system
CVE-2023-5868
Jingzhou Fu discovered a memory disclosure flaw in aggregate
function calls
CVE-2023-5869
Pedro Gallegos reported integer overflow flaws resulting in buffer
overflows in the array modification functions
CVE-2023-5870
Hemanth Sandrana ...
Description<!----> This CVE is under investigation by Red Hat Product Security ...
Synopsis
Important: postgresql:13 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Pr ...
Synopsis
Important: RHACS 374 enhancement and security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 374 The updated images includes bug and security fixesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulner ...
Synopsis
Important: postgresql:15 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated t ...
Synopsis
Important: postgresql:13 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update S ...
Synopsis
Important: rh-postgresql13-postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for rh-postgresql13-postgresql is now available for Red Hat Software CollectionsRed Hat Product Sec ...
Synopsis
Important: postgresql:12 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Pr ...
Synopsis
Important: postgresql:10 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 81 Update Services for SAP Solutions ...
Synopsis
Important: postgresql:10 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Pr ...
Synopsis
Important: postgresql:13 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Pr ...
概述
Important: postgresql:13 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this updat ...
Synopsis
Important: rh-postgresql10-postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for rh-postgresql10-postgresql is now available for Red Hat Software CollectionsRed Hat Product Sec ...
Synopsis
Important: postgresql:10 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Pr ...
Synopsis
Important: postgresql:12 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated t ...
Synopsis
Important: ACS 41 enhancement update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 416 The updated images includes security fixesRed Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System ( ...
Synopsis
Important: postgresql:10 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 82 Advanced Update Support, Red Hat E ...
Synopsis
Important: postgresql:10 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated t ...
Synopsis
Important: postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for postgresql is now available for Red Hat Enterprise Linux 92 Extended Update SupportRed Hat Product Security ha ...
Synopsis
Important: postgresql:15 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated t ...
概述
Important: postgresql:15 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 92 Extended Update SupportRed Hat Product Sec ...
Synopsis
Important: postgresql:12 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update S ...
Synopsis
Important: postgresql:12 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Pr ...
Synopsis
Important: postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for postgresql is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as hav ...
概述
Important: postgresql:15 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Product Sec ...
Synopsis
Important: rh-postgresql12-postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for rh-postgresql12-postgresql is now available for Red Hat Software CollectionsRed Hat Product Sec ...
Synopsis
Important: postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for postgresql is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Security ha ...
概述
Important: postgresql:12 security update
类型/严重性
Security Advisory: Important
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
查看受影响的系统
标题
An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 82 Advanced Update Support, Red Hat Enterprise ...
Synopsis
Important: postgresql:10 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update S ...
Synopsis
Important: postgresql security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for postgresql is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as hav ...
Synopsis
Important: RHACS 42 security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 424The updated images includes security fixesRed Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System (CV ...
While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution Missing overflow checks also let authenticated database users read a wide area of server memory The CVE-2021-32027 fix covered some attacks of this description, but it ...
While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution Missing overflow checks also let authenticated database users read a wide area of server memory The CVE-2021-32027 fix covered some attacks of this description, but it ...
Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte One typically gets an "unknown"-type value via a string literal having no type designation We have not confirmed or ruled out viability of attacks that arrange for presence of not ...
Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte One typically gets an "unknown"-type value via a string literal having no type designation We have not confirmed or ruled out viability of attacks that arrange for presence of not ...
While modifying certain SQL array values, missing overflow checks let authenticated database users write arbitrary bytes to a memory area that facilitates arbitrary code execution Missing overflow checks also let authenticated database users read a wide area of server memory The CVE-2021-32027 fix covered some attacks of this description, but it ...
Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte One typically gets an "unknown"-type value via a string literal having no type designation We have not confirmed or ruled out viability of attacks that arrange for presence of not ...
While modifying certain SQL array values, missing overflow checks let
authenticated database users write arbitrary bytes to a memory area that
facilitates arbitrary code execution Missing overflow checks also let
authenticated database users read a wide area of server memory The
CVE-2021-32027
fix covered some attacks of this description, but it ...