Certain aggregate function calls receiving "unknown"-type arguments could disclose bytes of server memory from the end of the "unknown"-type value to the next zero byte. One typically gets an "unknown"-type value via a string literal having no type designation. We have not confirmed or ruled out viability of attacks that arrange for presence of notable, confidential information in disclosed bytes.
This CVE is public now (lifting embargo...) https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
Created mingw-postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249042] Created postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249041] Created postgresql:12/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249043] Created postgresql:13/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249044] Created postgresql:14/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249045] Created postgresql:15/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2249046]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:7545 https://access.redhat.com/errata/RHSA-2023:7545
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7579 https://access.redhat.com/errata/RHSA-2023:7579
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:7580 https://access.redhat.com/errata/RHSA-2023:7580
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7581 https://access.redhat.com/errata/RHSA-2023:7581
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7616 https://access.redhat.com/errata/RHSA-2023:7616
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7656 https://access.redhat.com/errata/RHSA-2023:7656
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:7667 https://access.redhat.com/errata/RHSA-2023:7667
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:7666 https://access.redhat.com/errata/RHSA-2023:7666
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:7694 https://access.redhat.com/errata/RHSA-2023:7694
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:7695 https://access.redhat.com/errata/RHSA-2023:7695
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7714 https://access.redhat.com/errata/RHSA-2023:7714
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2023:7770 https://access.redhat.com/errata/RHSA-2023:7770
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2023:7772 https://access.redhat.com/errata/RHSA-2023:7772
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7784 https://access.redhat.com/errata/RHSA-2023:7784
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7785 https://access.redhat.com/errata/RHSA-2023:7785
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2023:7885 https://access.redhat.com/errata/RHSA-2023:7885
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7883 https://access.redhat.com/errata/RHSA-2023:7883
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:7884 https://access.redhat.com/errata/RHSA-2023:7884
This issue has been addressed in the following products: RHACS-3.74-RHEL-8 Via RHSA-2024:0304 https://access.redhat.com/errata/RHSA-2024:0304
This issue has been addressed in the following products: RHACS-4.1-RHEL-8 Via RHSA-2024:0332 https://access.redhat.com/errata/RHSA-2024:0332
This issue has been addressed in the following products: Red Hat Advanced Cluster Security 4.2 Via RHSA-2024:0337 https://access.redhat.com/errata/RHSA-2024:0337