====================================================================
Red Hat Security Advisory

Synopsis:     Moderate: rh-ruby30-ruby security, bug fix, and enhancement update
Advisory ID:  RHSA-2022:6855-01
Product:      Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2022:6855
Issue date:   2022-10-11
CVE Names:    CVE-2021-41816 CVE-2021-41817 CVE-2021-41819 CVE-2022-28738 CVE-2022-28739
====================================================================

1. Summary:

An update for rh-ruby30-ruby is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: rh-ruby30-ruby (3.0.4). (BZ#2128628)

Security Fix(es):

* ruby: buffer overflow in CGI.escape_html (CVE-2021-41816)
* ruby: Regular expression denial of service vulnerability of Date parsing methods (CVE-2021-41817)
* ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819)
* Ruby: Double free in Regexp compilation (CVE-2022-28738)
* Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* rh-ruby30 ruby: User-installed rubygems plugins are not being loaded (BZ#2128629)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2025104 - CVE-2021-41817 ruby: Regular expression denial of service vulnerability of Date parsing methods
2026752 - CVE-2021-41816 ruby: buffer overflow in CGI.escape_html
2026757 - CVE-2021-41819 ruby: Cookie prefix spoofing in CGI::Cookie.parse
2075685 - CVE-2022-28738 Ruby: Double free in Regexp compilation
2075687 - CVE-2022-28739 Ruby: Buffer overrun in String-to-Float conversion
2128628 - rh-ruby30-ruby: Rebase to the latest Ruby 3.0 release [rhscl-3] [rhscl-3.8.z]
2128629 - rh-ruby30 ruby: User-installed rubygems plugins are not being loaded [rhscl-3.8.z]

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-ruby30-ruby-3.0.4-149.el7.src.rpm

noarch:
rh-ruby30-ruby-default-gems-3.0.4-149.el7.noarch.rpm
rh-ruby30-ruby-doc-3.0.4-149.el7.noarch.rpm
rh-ruby30-rubygem-bundler-2.2.33-149.el7.noarch.rpm
rh-ruby30-rubygem-irb-1.3.5-149.el7.noarch.rpm
rh-ruby30-rubygem-minitest-5.14.2-149.el7.noarch.rpm
rh-ruby30-rubygem-power_assert-1.2.0-149.el7.noarch.rpm
rh-ruby30-rubygem-rake-13.0.3-149.el7.noarch.rpm
rh-ruby30-rubygem-rbs-1.4.0-149.el7.noarch.rpm
rh-ruby30-rubygem-rexml-3.2.5-149.el7.noarch.rpm
rh-ruby30-rubygem-rss-0.2.9-149.el7.noarch.rpm
rh-ruby30-rubygem-test-unit-3.3.7-149.el7.noarch.rpm
rh-ruby30-rubygem-typeprof-0.15.2-149.el7.noarch.rpm
rh-ruby30-rubygems-3.2.33-149.el7.noarch.rpm
rh-ruby30-rubygems-devel-3.2.33-149.el7.noarch.rpm

ppc64le:
rh-ruby30-ruby-3.0.4-149.el7.ppc64le.rpm
rh-ruby30-ruby-debuginfo-3.0.4-149.el7.ppc64le.rpm
rh-ruby30-ruby-devel-3.0.4-149.el7.ppc64le.rpm
rh-ruby30-ruby-libs-3.0.4-149.el7.ppc64le.rpm
rh-ruby30-rubygem-bigdecimal-3.0.0-149.el7.ppc64le.rpm
rh-ruby30-rubygem-io-console-0.5.7-149.el7.ppc64le.rpm
rh-ruby30-rubygem-json-2.5.1-149.el7.ppc64le.rpm
rh-ruby30-rubygem-psych-3.3.2-149.el7.ppc64le.rpm

s390x:
rh-ruby30-ruby-3.0.4-149.el7.s390x.rpm
rh-ruby30-ruby-debuginfo-3.0.4-149.el7.s390x.rpm
rh-ruby30-ruby-devel-3.0.4-149.el7.s390x.rpm
rh-ruby30-ruby-libs-3.0.4-149.el7.s390x.rpm
rh-ruby30-rubygem-bigdecimal-3.0.0-149.el7.s390x.rpm
rh-ruby30-rubygem-io-console-0.5.7-149.el7.s390x.rpm
rh-ruby30-rubygem-json-2.5.1-149.el7.s390x.rpm
rh-ruby30-rubygem-psych-3.3.2-149.el7.s390x.rpm

x86_64:
rh-ruby30-ruby-3.0.4-149.el7.x86_64.rpm
rh-ruby30-ruby-debuginfo-3.0.4-149.el7.x86_64.rpm
rh-ruby30-ruby-devel-3.0.4-149.el7.x86_64.rpm
rh-ruby30-ruby-libs-3.0.4-149.el7.x86_64.rpm
rh-ruby30-rubygem-bigdecimal-3.0.0-149.el7.x86_64.rpm
rh-ruby30-rubygem-io-console-0.5.7-149.el7.x86_64.rpm
rh-ruby30-rubygem-json-2.5.1-149.el7.x86_64.rpm
rh-ruby30-rubygem-psych-3.3.2-149.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-ruby30-ruby-3.0.4-149.el7.src.rpm

noarch:
rh-ruby30-ruby-default-gems-3.0.4-149.el7.noarch.rpm
rh-ruby30-ruby-doc-3.0.4-149.el7.noarch.rpm
rh-ruby30-rubygem-bundler-2.2.33-149.el7.noarch.rpm
rh-ruby30-rubygem-irb-1.3.5-149.el7.noarch.rpm
rh-ruby30-rubygem-minitest-5.14.2-149.el7.noarch.rpm
rh-ruby30-rubygem-power_assert-1.2.0-149.el7.noarch.rpm
rh-ruby30-rubygem-rake-13.0.3-149.el7.noarch.rpm
rh-ruby30-rubygem-rbs-1.4.0-149.el7.noarch.rpm
rh-ruby30-rubygem-rexml-3.2.5-149.el7.noarch.rpm
rh-ruby30-rubygem-rss-0.2.9-149.el7.noarch.rpm
rh-ruby30-rubygem-test-unit-3.3.7-149.el7.noarch.rpm
rh-ruby30-rubygem-typeprof-0.15.2-149.el7.noarch.rpm
rh-ruby30-rubygems-3.2.33-149.el7.noarch.rpm
rh-ruby30-rubygems-devel-3.2.33-149.el7.noarch.rpm

x86_64:
rh-ruby30-ruby-3.0.4-149.el7.x86_64.rpm
rh-ruby30-ruby-debuginfo-3.0.4-149.el7.x86_64.rpm
rh-ruby30-ruby-devel-3.0.4-149.el7.x86_64.rpm
rh-ruby30-ruby-libs-3.0.4-149.el7.x86_64.rpm
rh-ruby30-rubygem-bigdecimal-3.0.0-149.el7.x86_64.rpm
rh-ruby30-rubygem-io-console-0.5.7-149.el7.x86_64.rpm
rh-ruby30-rubygem-json-2.5.1-149.el7.x86_64.rpm
rh-ruby30-rubygem-psych-3.3.2-149.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-41816
https://access.redhat.com/security/cve/CVE-2021-41817
https://access.redhat.com/security/cve/CVE-2021-41819
https://access.redhat.com/security/cve/CVE-2022-28738
https://access.redhat.com/security/cve/CVE-2022-28739
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
====================================================================
Red Hat Security Advisory

Synopsis:     Moderate: rh-postgresql12-postgresql security update
Advisory ID:  RHSA-2021:5197-01
Product:      Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2021:5197
Issue date:   2021-12-16
CVE Names:    CVE-2021-3677 CVE-2021-23214 CVE-2021-23222
====================================================================

1. Summary:

An update for rh-postgresql12-postgresql is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: rh-postgresql12-postgresql (12.9).

Security Fix(es):

* postgresql: memory disclosure in certain queries (CVE-2021-3677)
* postgresql: server processes unencrypted bytes from man-in-the-middle (CVE-2021-23214)
* postgresql: libpq processes unencrypted bytes from man-in-the-middle (CVE-2021-23222)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2001857 - CVE-2021-3677 postgresql: memory disclosure in certain queries
2022666 - CVE-2021-23214 postgresql: server processes unencrypted bytes from man-in-the-middle
2022675 - CVE-2021-23222 postgresql: libpq processes unencrypted bytes from man-in-the-middle

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-postgresql12-postgresql-12.9-1.el7.src.rpm

ppc64le:
rh-postgresql12-postgresql-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-contrib-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-debuginfo-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-devel-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-docs-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-libs-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-plperl-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-plpython-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-pltcl-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-server-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-server-syspaths-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-static-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-syspaths-12.9-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-test-12.9-1.el7.ppc64le.rpm

s390x:
rh-postgresql12-postgresql-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-contrib-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-debuginfo-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-devel-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-docs-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-libs-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-plperl-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-plpython-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-pltcl-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-server-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-server-syspaths-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-static-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-syspaths-12.9-1.el7.s390x.rpm
rh-postgresql12-postgresql-test-12.9-1.el7.s390x.rpm

x86_64:
rh-postgresql12-postgresql-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-debuginfo-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-devel-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-docs-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-libs-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plperl-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plpython-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-pltcl-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-syspaths-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-static-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-syspaths-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-test-12.9-1.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-postgresql12-postgresql-12.9-1.el7.src.rpm

x86_64:
rh-postgresql12-postgresql-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-debuginfo-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-devel-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-docs-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-libs-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plperl-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-plpython-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-pltcl-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-server-syspaths-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-static-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-syspaths-12.9-1.el7.x86_64.rpm
rh-postgresql12-postgresql-test-12.9-1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3677
https://access.redhat.com/security/cve/CVE-2021-23214
https://access.redhat.com/security/cve/CVE-2021-23222
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
====================================================================
Red Hat Security Advisory

Synopsis:     Important: rh-varnish6-varnish security update
Advisory ID:  RHSA-2021:2993-01
Product:      Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2021:2993
Issue date:   2021-08-03
CVE Names:    CVE-2021-36740
====================================================================

1. Summary:

An update for rh-varnish6-varnish is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up.

The following packages have been upgraded to a later upstream version: rh-varnish6-varnish (6.0.8).

Security Fix(es):

* varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request (CVE-2021-36740)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1982409 - CVE-2021-36740 varnish: HTTP/2 request smuggling attack via a large Content-Length header for a POST request

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-varnish6-varnish-6.0.8-2.el7.src.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.src.rpm

ppc64le:
rh-varnish6-varnish-6.0.8-2.el7.ppc64le.rpm
rh-varnish6-varnish-devel-6.0.8-2.el7.ppc64le.rpm
rh-varnish6-varnish-docs-6.0.8-2.el7.ppc64le.rpm
rh-varnish6-varnish-libs-6.0.8-2.el7.ppc64le.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.ppc64le.rpm
rh-varnish6-varnish-modules-debuginfo-0.15.0-7.el7.ppc64le.rpm

s390x:
rh-varnish6-varnish-6.0.8-2.el7.s390x.rpm
rh-varnish6-varnish-devel-6.0.8-2.el7.s390x.rpm
rh-varnish6-varnish-docs-6.0.8-2.el7.s390x.rpm
rh-varnish6-varnish-libs-6.0.8-2.el7.s390x.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.s390x.rpm
rh-varnish6-varnish-modules-debuginfo-0.15.0-7.el7.s390x.rpm

x86_64:
rh-varnish6-varnish-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-devel-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-docs-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-libs-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.x86_64.rpm
rh-varnish6-varnish-modules-debuginfo-0.15.0-7.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
rh-varnish6-varnish-6.0.8-2.el7.src.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.src.rpm

ppc64le:
rh-varnish6-varnish-6.0.8-2.el7.ppc64le.rpm
rh-varnish6-varnish-devel-6.0.8-2.el7.ppc64le.rpm
rh-varnish6-varnish-docs-6.0.8-2.el7.ppc64le.rpm
rh-varnish6-varnish-libs-6.0.8-2.el7.ppc64le.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.ppc64le.rpm
rh-varnish6-varnish-modules-debuginfo-0.15.0-7.el7.ppc64le.rpm

s390x:
rh-varnish6-varnish-6.0.8-2.el7.s390x.rpm
rh-varnish6-varnish-devel-6.0.8-2.el7.s390x.rpm
rh-varnish6-varnish-docs-6.0.8-2.el7.s390x.rpm
rh-varnish6-varnish-libs-6.0.8-2.el7.s390x.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.s390x.rpm
rh-varnish6-varnish-modules-debuginfo-0.15.0-7.el7.s390x.rpm

x86_64:
rh-varnish6-varnish-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-devel-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-docs-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-libs-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.x86_64.rpm
rh-varnish6-varnish-modules-debuginfo-0.15.0-7.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-varnish6-varnish-6.0.8-2.el7.src.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.src.rpm

x86_64:
rh-varnish6-varnish-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-devel-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-docs-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-libs-6.0.8-2.el7.x86_64.rpm
rh-varnish6-varnish-modules-0.15.0-7.el7.x86_64.rpm
rh-varnish6-varnish-modules-debuginfo-0.15.0-7.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-36740
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
====================================================================
Red Hat Security Advisory

Synopsis:     Moderate: rh-nodejs10-nodejs security update
Advisory ID:  RHSA-2021:0521-01
Product:      Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0521
Issue date:   2021-02-15
CVE Names:    CVE-2020-7608 CVE-2020-7754 CVE-2020-7774 CVE-2020-7788 CVE-2020-8116 CVE-2020-8252 CVE-2020-8265 CVE-2020-8287 CVE-2020-15095 CVE-2020-15366
====================================================================

1. Summary:

An update for rh-nodejs10-nodejs is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.

The following packages have been upgraded to a later upstream version: rh-nodejs10-nodejs (10.23.1).

Security Fix(es):

* libuv: buffer overflow in realpath (CVE-2020-8252)
* nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS (CVE-2020-7754)
* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)
* nodejs-ini: prototype pollution via malicious INI file (CVE-2020-7788)
* nodejs-dot-prop: prototype pollution (CVE-2020-8116)
* nodejs: use-after-free in the TLS implementation (CVE-2020-8265)
* npm: sensitive information exposure through logs (CVE-2020-15095)
* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)
* nodejs-yargs-parser: prototype pollution vulnerability (CVE-2020-7608)
* nodejs: HTTP request smuggling via two copies of a header field in an http request (CVE-2020-8287)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1840004 - CVE-2020-7608 nodejs-yargs-parser: prototype pollution vulnerability
1856875 - CVE-2020-15095 npm: sensitive information exposure through logs
1857977 - CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function
1868196 - CVE-2020-8116 nodejs-dot-prop: prototype pollution
1879315 - CVE-2020-8252 libuv: buffer overflow in realpath
1892430 - CVE-2020-7754 nodejs-npm-user-validate: improper input validation when validating user emails leads to ReDoS
1898680 - CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability
1907444 - CVE-2020-7788 nodejs-ini: prototype pollution via malicious INI file
1912854 - CVE-2020-8265 nodejs: use-after-free in the TLS implementation
1912863 - CVE-2020-8287 nodejs: HTTP request smuggling via two copies of a header field in an http request

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-nodejs10-nodejs-10.23.1-2.el7.src.rpm

noarch:
rh-nodejs10-nodejs-docs-10.23.1-2.el7.noarch.rpm

ppc64le:
rh-nodejs10-nodejs-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.ppc64le.rpm

s390x:
rh-nodejs10-nodejs-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.s390x.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.s390x.rpm

x86_64:
rh-nodejs10-nodejs-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):

Source:
rh-nodejs10-nodejs-10.23.1-2.el7.src.rpm

noarch:
rh-nodejs10-nodejs-docs-10.23.1-2.el7.noarch.rpm

ppc64le:
rh-nodejs10-nodejs-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.ppc64le.rpm

s390x:
rh-nodejs10-nodejs-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.s390x.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.s390x.rpm

x86_64:
rh-nodejs10-nodejs-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
rh-nodejs10-nodejs-10.23.1-2.el7.src.rpm

noarch:
rh-nodejs10-nodejs-docs-10.23.1-2.el7.noarch.rpm

ppc64le:
rh-nodejs10-nodejs-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.ppc64le.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.ppc64le.rpm

s390x:
rh-nodejs10-nodejs-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.s390x.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.s390x.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.s390x.rpm

x86_64:
rh-nodejs10-nodejs-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-nodejs10-nodejs-10.23.1-2.el7.src.rpm

noarch:
rh-nodejs10-nodejs-docs-10.23.1-2.el7.noarch.rpm

x86_64:
rh-nodejs10-nodejs-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-debuginfo-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-nodejs-devel-10.23.1-2.el7.x86_64.rpm
rh-nodejs10-npm-6.14.10-10.23.1.2.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2020-7608
https://access.redhat.com/security/cve/CVE-2020-7754
https://access.redhat.com/security/cve/CVE-2020-7774
https://access.redhat.com/security/cve/CVE-2020-7788
https://access.redhat.com/security/cve/CVE-2020-8116
https://access.redhat.com/security/cve/CVE-2020-8252
https://access.redhat.com/security/cve/CVE-2020-8265
https://access.redhat.com/security/cve/CVE-2020-8287
https://access.redhat.com/security/cve/CVE-2020-15095
https://access.redhat.com/security/cve/CVE-2020-15366
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2021 Red Hat, Inc.
====================================================================
Red Hat Security Advisory

Synopsis: Important: rh-postgresql12-postgresql security update
Advisory ID: RHSA-2020:5317-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5317
Issue date: 2020-12-02
CVE Names: CVE-2020-25694 CVE-2020-25695 CVE-2020-25696
====================================================================

1. Summary:

An update for rh-postgresql12-postgresql is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: rh-postgresql12-postgresql (12.5).

Security Fix(es):

* postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694)
* postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695)
* postgresql: psql's gset allows overwriting specially treated variables (CVE-2020-25696)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1894423 - CVE-2020-25694 postgresql: Reconnection can downgrade connection security settings
1894425 - CVE-2020-25695 postgresql: Multiple features escape "security restricted operation" sandbox
1894430 - CVE-2020-25696 postgresql: psql's gset allows overwriting specially treated variables

6.
Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-postgresql12-postgresql-12.5-1.el7.src.rpm ppc64le: rh-postgresql12-postgresql-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-devel-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-libs-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-static-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-test-12.5-1.el7.ppc64le.rpm s390x: rh-postgresql12-postgresql-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-devel-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-libs-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-server-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-static-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-test-12.5-1.el7.s390x.rpm x86_64: rh-postgresql12-postgresql-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.x86_64.rpm 
rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-devel-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-libs-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-static-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-test-12.5-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.6): Source: rh-postgresql12-postgresql-12.5-1.el7.src.rpm ppc64le: rh-postgresql12-postgresql-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-devel-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-libs-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-static-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-test-12.5-1.el7.ppc64le.rpm s390x: rh-postgresql12-postgresql-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.s390x.rpm 
rh-postgresql12-postgresql-devel-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-libs-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-server-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-static-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-test-12.5-1.el7.s390x.rpm x86_64: rh-postgresql12-postgresql-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-devel-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-libs-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-static-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-test-12.5-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.7): Source: rh-postgresql12-postgresql-12.5-1.el7.src.rpm ppc64le: rh-postgresql12-postgresql-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-devel-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.ppc64le.rpm 
rh-postgresql12-postgresql-libs-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-static-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.ppc64le.rpm rh-postgresql12-postgresql-test-12.5-1.el7.ppc64le.rpm s390x: rh-postgresql12-postgresql-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-devel-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-libs-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-server-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-static-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.s390x.rpm rh-postgresql12-postgresql-test-12.5-1.el7.s390x.rpm x86_64: rh-postgresql12-postgresql-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-devel-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-libs-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-12.5-1.el7.x86_64.rpm 
rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-static-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-test-12.5-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-postgresql12-postgresql-12.5-1.el7.src.rpm x86_64: rh-postgresql12-postgresql-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-debuginfo-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-devel-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-docs-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-libs-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-plperl-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-plpython-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-pltcl-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-static-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-syspaths-12.5-1.el7.x86_64.rpm rh-postgresql12-postgresql-test-12.5-1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-25694
https://access.redhat.com/security/cve/CVE-2020-25695
https://access.redhat.com/security/cve/CVE-2020-25696
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
====================================================================
Red Hat Security Advisory

Synopsis: Important: rh-mariadb103-mariadb and rh-mariadb103-galera security update
Advisory ID: RHSA-2020:5246-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5246
Issue date: 2020-11-30
CVE Names: CVE-2019-2614 CVE-2019-2627 CVE-2019-2628 CVE-2019-2737 CVE-2019-2739 CVE-2019-2740 CVE-2019-2758 CVE-2019-2805 CVE-2019-2938 CVE-2019-2974 CVE-2020-2574 CVE-2020-2752 CVE-2020-2760 CVE-2020-2780 CVE-2020-2812 CVE-2020-2814 CVE-2020-2922 CVE-2020-13249 CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-15180
====================================================================

1. Summary:

An update for rh-mariadb103-mariadb and rh-mariadb103-galera is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.

The following packages have been upgraded to a later upstream version: rh-mariadb103-mariadb (10.3.27), rh-mariadb103-galera (25.3.31). (BZ#1894122, BZ#1894124)

Security Fix(es):

* mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep (CVE-2020-15180)
* mysql: Server: Replication unspecified vulnerability (CPU Apr 2019) (CVE-2019-2614)
* mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019) (CVE-2019-2627)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2019) (CVE-2019-2628)
* mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737)
* mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739)
* mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740)
* mysql: InnoDB unspecified vulnerability (CPU Jul 2019) (CVE-2019-2758)
* mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2019) (CVE-2019-2938)
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019) (CVE-2019-2974)
* mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2752)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2020) (CVE-2020-2760)
* mysql: Server: DML unspecified vulnerability (CPU Apr 2020) (CVE-2020-2780)
* mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020) (CVE-2020-2812)
* mysql: InnoDB unspecified vulnerability (CPU Apr 2020) (CVE-2020-2814)
* mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2922)
* mariadb-connector-c: Improper validation of content in a OK packet received from server (CVE-2020-13249)
* mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) (CVE-2020-14765)
* mysql: InnoDB unspecified vulnerability (CPU Oct 2020) (CVE-2020-14776)
* mysql: Server: FTS unspecified vulnerability (CPU Oct 2020) (CVE-2020-14789)
* mysql: Server: Locking unspecified vulnerability (CPU Oct 2020) (CVE-2020-14812)
* mysql: C API unspecified vulnerability (CPU Jan 2020) (CVE-2020-2574)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* mysqld_safe --dry-run doesn't work as expected (BZ#1894105)

Enhancement(s):

* [RFE] create separate package providing ha_connect.so plugin for mariadb-server in SCL (BZ#1894114)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1702969 - CVE-2019-2614 mysql: Server: Replication unspecified vulnerability (CPU Apr 2019)
1702976 - CVE-2019-2627 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2019)
1702977 - CVE-2019-2628 mysql: InnoDB unspecified vulnerability (CPU Apr 2019)
1731997 - CVE-2019-2737 mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019)
1731999 - CVE-2019-2739 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019)
1732000 - CVE-2019-2740 mysql: Server: XML unspecified vulnerability (CPU Jul 2019)
1732008 - CVE-2019-2758 mysql: InnoDB unspecified vulnerability (CPU Jul 2019)
1732025 - CVE-2019-2805 mysql: Server: Parser unspecified vulnerability (CPU Jul 2019)
1764680 - CVE-2019-2938 mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
1764691 - CVE-2019-2974 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2019)
1798587 - CVE-2020-2574 mysql: C API unspecified vulnerability (CPU Jan 2020)
1830056 - CVE-2020-2780 mysql: Server: DML unspecified vulnerability (CPU Apr 2020)
1830059 - CVE-2020-2812 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2020)
1830060 - CVE-2020-2814 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1830082 - CVE-2020-2760 mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
1835849 - CVE-2020-2752 mysql: C API unspecified vulnerability (CPU Apr 2020)
1835850 - CVE-2020-2922 mysql: C API unspecified vulnerability (CPU Apr 2020)
1839827 - CVE-2020-13249 mariadb-connector-c: Improper validation of content in a OK packet received from server
1890738 - CVE-2020-14765 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
1890743 - CVE-2020-14776 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890747 - CVE-2020-14789 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
1890756 - CVE-2020-14812 mysql: Server: Locking unspecified vulnerability (CPU Oct 2020)
1894070 - Test case failure: /CoreOS/mariadb55/testsuite - main.plugin_auth 'innodb' [rhscl-3.5.z]
1894105 - mysqld_safe --dry-run doesn't work as expected [rhscl-3.5.z]
1894114 - [RFE] create separate package providing ha_connect.so plugin for mariadb-server in SCL [rhscl-3.5.z]
1894122 - Tracker: MariaDB rebase to the latest version (10.3.26) [rhscl-3.5.z]
1894919 - CVE-2020-15180 mariadb: Insufficient SST method name check leading to code injection in mysql-wsrep

6.
Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-mariadb103-galera-25.3.31-1.el7.src.rpm rh-mariadb103-mariadb-10.3.27-1.el7.src.rpm aarch64: rh-mariadb103-galera-25.3.31-1.el7.aarch64.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.aarch64.rpm rh-mariadb103-mariadb-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.aarch64.rpm ppc64le: rh-mariadb103-galera-25.3.31-1.el7.ppc64le.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.ppc64le.rpm rh-mariadb103-mariadb-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.ppc64le.rpm 
rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.ppc64le.rpm s390x: rh-mariadb103-galera-25.3.31-1.el7.s390x.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.s390x.rpm rh-mariadb103-mariadb-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.s390x.rpm 
rh-mariadb103-mariadb-test-10.3.27-1.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-mariadb103-galera-25.3.31-1.el7.src.rpm rh-mariadb103-mariadb-10.3.27-1.el7.src.rpm aarch64: rh-mariadb103-galera-25.3.31-1.el7.aarch64.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.aarch64.rpm rh-mariadb103-mariadb-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.aarch64.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.aarch64.rpm ppc64le: rh-mariadb103-galera-25.3.31-1.el7.ppc64le.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.ppc64le.rpm rh-mariadb103-mariadb-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.ppc64le.rpm 
rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.ppc64le.rpm s390x: rh-mariadb103-galera-25.3.31-1.el7.s390x.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.s390x.rpm rh-mariadb103-mariadb-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.s390x.rpm 
rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.s390x.rpm x86_64: rh-mariadb103-galera-25.3.31-1.el7.x86_64.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.x86_64.rpm rh-mariadb103-mariadb-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.6): Source: rh-mariadb103-galera-25.3.31-1.el7.src.rpm rh-mariadb103-mariadb-10.3.27-1.el7.src.rpm ppc64le: rh-mariadb103-galera-25.3.31-1.el7.ppc64le.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.ppc64le.rpm rh-mariadb103-mariadb-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.ppc64le.rpm 
rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.ppc64le.rpm s390x: rh-mariadb103-galera-25.3.31-1.el7.s390x.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.s390x.rpm rh-mariadb103-mariadb-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.s390x.rpm 
rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.s390x.rpm x86_64: rh-mariadb103-galera-25.3.31-1.el7.x86_64.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.x86_64.rpm rh-mariadb103-mariadb-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.7): Source: rh-mariadb103-galera-25.3.31-1.el7.src.rpm rh-mariadb103-mariadb-10.3.27-1.el7.src.rpm ppc64le: rh-mariadb103-galera-25.3.31-1.el7.ppc64le.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.ppc64le.rpm rh-mariadb103-mariadb-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.ppc64le.rpm 
rh-mariadb103-mariadb-config-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.ppc64le.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.ppc64le.rpm s390x: rh-mariadb103-galera-25.3.31-1.el7.s390x.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.s390x.rpm rh-mariadb103-mariadb-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.s390x.rpm 
rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.s390x.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.s390x.rpm x86_64: rh-mariadb103-galera-25.3.31-1.el7.x86_64.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.x86_64.rpm rh-mariadb103-mariadb-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-common-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v.7): Source: rh-mariadb103-galera-25.3.31-1.el7.src.rpm rh-mariadb103-mariadb-10.3.27-1.el7.src.rpm x86_64: rh-mariadb103-galera-25.3.31-1.el7.x86_64.rpm rh-mariadb103-galera-debuginfo-25.3.31-1.el7.x86_64.rpm rh-mariadb103-mariadb-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-backup-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-backup-syspaths-10.3.27-1.el7.x86_64.rpm 
rh-mariadb103-mariadb-common-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-config-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-config-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-connect-engine-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-debuginfo-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-devel-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-errmsg-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-gssapi-server-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-oqgraph-engine-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-galera-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-galera-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-utils-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-server-utils-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-syspaths-10.3.27-1.el7.x86_64.rpm rh-mariadb103-mariadb-test-10.3.27-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. 
Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2019-2614
https://access.redhat.com/security/cve/CVE-2019-2627
https://access.redhat.com/security/cve/CVE-2019-2628
https://access.redhat.com/security/cve/CVE-2019-2737
https://access.redhat.com/security/cve/CVE-2019-2739
https://access.redhat.com/security/cve/CVE-2019-2740
https://access.redhat.com/security/cve/CVE-2019-2758
https://access.redhat.com/security/cve/CVE-2019-2805
https://access.redhat.com/security/cve/CVE-2019-2938
https://access.redhat.com/security/cve/CVE-2019-2974
https://access.redhat.com/security/cve/CVE-2020-2574
https://access.redhat.com/security/cve/CVE-2020-2752
https://access.redhat.com/security/cve/CVE-2020-2760
https://access.redhat.com/security/cve/CVE-2020-2780
https://access.redhat.com/security/cve/CVE-2020-2812
https://access.redhat.com/security/cve/CVE-2020-2814
https://access.redhat.com/security/cve/CVE-2020-2922
https://access.redhat.com/security/cve/CVE-2020-13249
https://access.redhat.com/security/cve/CVE-2020-14765
https://access.redhat.com/security/cve/CVE-2020-14776
https://access.redhat.com/security/cve/CVE-2020-14789
https://access.redhat.com/security/cve/CVE-2020-14812
https://access.redhat.com/security/cve/CVE-2020-15180
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2020 Red Hat, Inc.
====================================================================
Red Hat Security Advisory

Synopsis: Moderate: rh-postgresql12-postgresql security update
Advisory ID: RHSA-2020:5112-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5112
Issue date: 2020-11-16
CVE Names: CVE-2020-1720 CVE-2020-14349 CVE-2020-14350
====================================================================

1. Summary:

An update for rh-postgresql12-postgresql is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

The following packages have been upgraded to a later upstream version: rh-postgresql12-postgresql (12.4).

Security Fix(es):

* postgresql: Uncontrolled search path element in logical replication (CVE-2020-14349)
* postgresql: Uncontrolled search path element in CREATE EXTENSION (CVE-2020-14350)
* postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks (CVE-2020-1720)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1798852 - CVE-2020-1720 postgresql: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
1865744 - CVE-2020-14349 postgresql: Uncontrolled search path element in logical replication
1865746 - CVE-2020-14350 postgresql: Uncontrolled search path element in CREATE EXTENSION

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-postgresql12-postgresql-12.4-1.el7.src.rpm aarch64: rh-postgresql12-postgresql-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-server-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-static-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-test-12.4-1.el7.aarch64.rpm ppc64le: rh-postgresql12-postgresql-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.ppc64le.rpm
rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-static-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-test-12.4-1.el7.ppc64le.rpm s390x: rh-postgresql12-postgresql-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-server-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-static-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-test-12.4-1.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-postgresql12-postgresql-12.4-1.el7.src.rpm aarch64: rh-postgresql12-postgresql-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.aarch64.rpm 
rh-postgresql12-postgresql-devel-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-server-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-static-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.aarch64.rpm rh-postgresql12-postgresql-test-12.4-1.el7.aarch64.rpm ppc64le: rh-postgresql12-postgresql-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-static-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-test-12.4-1.el7.ppc64le.rpm s390x: rh-postgresql12-postgresql-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.s390x.rpm 
rh-postgresql12-postgresql-plpython-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-server-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-static-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-test-12.4-1.el7.s390x.rpm x86_64: rh-postgresql12-postgresql-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-static-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-test-12.4-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.6): Source: rh-postgresql12-postgresql-12.4-1.el7.src.rpm ppc64le: rh-postgresql12-postgresql-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.ppc64le.rpm 
rh-postgresql12-postgresql-server-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-static-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-test-12.4-1.el7.ppc64le.rpm s390x: rh-postgresql12-postgresql-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-server-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-static-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-test-12.4-1.el7.s390x.rpm x86_64: rh-postgresql12-postgresql-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-static-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-test-12.4-1.el7.x86_64.rpm 
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.7): Source: rh-postgresql12-postgresql-12.4-1.el7.src.rpm ppc64le: rh-postgresql12-postgresql-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-static-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.ppc64le.rpm rh-postgresql12-postgresql-test-12.4-1.el7.ppc64le.rpm s390x: rh-postgresql12-postgresql-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-server-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-static-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.s390x.rpm rh-postgresql12-postgresql-test-12.4-1.el7.s390x.rpm x86_64: rh-postgresql12-postgresql-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.x86_64.rpm 
rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-static-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-test-12.4-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-postgresql12-postgresql-12.4-1.el7.src.rpm x86_64: rh-postgresql12-postgresql-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-contrib-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-debuginfo-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-devel-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-docs-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-libs-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-plperl-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-plpython-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-pltcl-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-server-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-static-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-syspaths-12.4-1.el7.x86_64.rpm rh-postgresql12-postgresql-test-12.4-1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-1720
https://access.redhat.com/security/cve/CVE-2020-14349
https://access.redhat.com/security/cve/CVE-2020-14350
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
====================================================================
Red Hat Security Advisory

Synopsis: Important: rh-maven35-jackson-databind security update
Advisory ID: RHSA-2020:4312-01
Product: Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4312
Issue date: 2020-10-22
CVE Names: CVE-2020-25649
====================================================================

1. Summary:

An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch

3. Description:

The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.

Security Fix(es):

* jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) (CVE-2020-25649)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1887664 - CVE-2020-25649 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-maven35-jackson-databind-2.7.6-2.12.el7.src.rpm

noarch:
rh-maven35-jackson-databind-2.7.6-2.12.el7.noarch.rpm
rh-maven35-jackson-databind-javadoc-2.7.6-2.12.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-maven35-jackson-databind-2.7.6-2.12.el7.src.rpm

noarch:
rh-maven35-jackson-databind-2.7.6-2.12.el7.noarch.rpm
rh-maven35-jackson-databind-javadoc-2.7.6-2.12.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):

Source:
rh-maven35-jackson-databind-2.7.6-2.12.el7.src.rpm

noarch:
rh-maven35-jackson-databind-2.7.6-2.12.el7.noarch.rpm
rh-maven35-jackson-databind-javadoc-2.7.6-2.12.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
rh-maven35-jackson-databind-2.7.6-2.12.el7.src.rpm

noarch:
rh-maven35-jackson-databind-2.7.6-2.12.el7.noarch.rpm
rh-maven35-jackson-databind-javadoc-2.7.6-2.12.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-maven35-jackson-databind-2.7.6-2.12.el7.src.rpm

noarch:
rh-maven35-jackson-databind-2.7.6-2.12.el7.noarch.rpm
rh-maven35-jackson-databind-javadoc-2.7.6-2.12.el7.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2020-25649
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2020 Red Hat, Inc.