RedHat: RHSA-2020-3005-01 Important: Debezium 1.1.3 XML Threat

red hat

July 20, 2020

An update for Debezium PostgreSQL connector is now available for Red Hat Integration

Solution

To apply this update just follow standard installation procedure

tml/installing_debezium_on_openshift/installing_debezium_connectors

Summary

PostgreSQL is an advanced object-relational database management system. The Debezium PostgreSQL connector includes JDBC driver to access a PostgreSQL database.
Security Fix(es):
* postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Topics Covered

security advisory security update important postgresql debezium red hat integration xml vulnerability

References

https://access.redhat.com/security/cve/CVE-2020-13692 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=red.hat.integration&version=2020-Q2

Package List

Severity

important

Lowest

Low

Medium

High

Critical

Advisory ID: RHSA-2020:3005-01

Product: Red Hat Integration

Advisory URL: https://access.redhat.com/errata/RHSA-2020:3005

Issue date: 2020-07-20

Topic

An update for Debezium PostgreSQL connector is now available for Red HatIntegration.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topics Covered

security advisory security update important postgresql debezium red hat integration xml vulnerability

Relevant Releases Architectures

Bugs Fixed

1852985 - CVE-2020-13692 postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

RedHat: RHSA-2020-3005-01 Important: Debezium 1.1.3 XML Threat

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

RedHat: RHSA-2020-3005-01 Important: Debezium 1.1.3 XML Threat

Solution

Summary

Topics Covered

References

Package List

Topic

Topics Covered

Relevant Releases Architectures

Bugs Fixed

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!