Bug 1719698 (CVE-2019-10164)
| Summary: | CVE-2019-10164 postgresql: Stack-based buffer overflow via setting a password | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | msiddiqu |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | akoufoud, alazarot, almorale, anon.amish, anstephe, apmukher, asakala, bbuckingham, bcourt, bkearney, btotty, databases-maint, dblechte, devrim, dfediuck, eedri, etirelli, hhorak, hhudgeon, ibek, jmlich83, jorton, jstanek, krathod, kverlaen, kyoshida, lzap, mgoldboi, mhulan, michal.skrivanek, mike, mmccune, mnovotny, mperina, panovotn, paradhya, pkajaba, pkubat, praiskup, puebele, rchan, rjerrido, rrajasek, rsynek, sbonazzo, sdaley, security-response-team, sherold, sisharma, tgl, tlestach, trupti_pardeshi, yturgema |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | PostgreSQL 10.9, PostgreSQL 11.4 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-03-26 16:32:19 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1723412, 1723413, 1723414, 1727802, 1727803, 1727804, 1727805, 1728128, 1749461, 1813832, 1857225, 1881776, 1909704, 1909705 | ||
| Bug Blocks: | 1719701 | ||
|
Description
msiddiqu
2019-06-12 11:21:50 UTC
External References: https://www.postgresql.org/support/security/ Created mingw-postgresql tracking bugs for this issue: Affects: epel-7 [bug 1723414] Affects: fedora-all [bug 1723412] Created postgresql tracking bugs for this issue: Affects: fedora-all [bug 1723413] Patch: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=90adc16ea13750a6b6f704c6cf65dc0f1bdb845c https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=d72a7e4da1001b29a661a4b1a52cb5c4d708bab0 Hello, May I know if Linux PostgreSQL 7.1beta6 version is also affected and requires this fix? Any heads up will be appreciated. Thank you in advance. Best Regards, (In reply to Trupti Pardeshi from comment #8) > Hello, > > May I know if Linux PostgreSQL 7.1beta6 version is also affected and > requires this fix? Any heads up will be appreciated. > > Thank you in advance. > > Best Regards, Gentle Reminder.. Awaiting for your response. This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS Via RHSA-2020:0980 https://access.redhat.com/errata/RHSA-2020:0980 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-10164 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:3669 https://access.redhat.com/errata/RHSA-2020:3669 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:5664 https://access.redhat.com/errata/RHSA-2020:5664 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:0166 https://access.redhat.com/errata/RHSA-2021:0166 |