Bug 2022675 (CVE-2021-23222)
| Summary: | CVE-2021-23222 postgresql: libpq processes unencrypted bytes from man-in-the-middle | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marian Rehak <mrehak> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | aileenc, akoufoud, alazarot, almorale, anon.amish, anstephe, aos-bugs, asakala, avibelli, bdettelb, bgeorges, bibryam, caswilli, cbuissar, chazlett, clement.escoffier, dandread, databases-maint, devrim, dkreling, drieden, eric.wittmann, etirelli, fjansen, fjanus, ggastald, ggaughan, gmalinko, gmorling, gsmet, hamadhan, hbraun, hhorak, ibek, janstey, jmlich83, jnakfour, jnethert, jochrist, jorton, jpallich, jpechane, jrokos, jstastny, jwon, kaycoth, krathod, kverlaen, kyoshida, loleary, lthon, mike, mnovotny, mszynkie, mvanderw, panovotn, pantinor, pdelbell, peholase, pgallagh, pjindal, pkubat, praiskup, probinso, psegedy, rfreiman, rrajasek, rruss, rsvoboda, sbiarozk, sdouglas, spinder, tgl, theute, tzimanyi |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | postgresql 9.6.24, postgresql 10.19, postgresql 11.14, postgresql 12.9, postgresql 13.5, postgresql 14.1 | Doc Type: | No Doc Update |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-12-16 18:57:00 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2022676, 2022677, 2022678, 2022679, 2022680, 2022681, 2022682, 2022683, 2023287, 2023288, 2023289, 2023290, 2023291, 2023292, 2023293, 2023294, 2023302, 2026904, 2031509, 2031510 | ||
| Bug Blocks: | 2021380 | ||
|
Description
Marian Rehak
2021-11-12 10:38:40 UTC
Created mingw-postgresql tracking bugs for this issue: Affects: fedora-all [bug 2022676] Created postgresql tracking bugs for this issue: Affects: fedora-all [bug 2022682] Created postgresql:10/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2022677] Created postgresql:11/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2022678] Created postgresql:12/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2022679] Created postgresql:13/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2022680] Created postgresql:14/postgresql tracking bugs for this issue: Affects: fedora-all [bug 2022683] Created postgresql:9.6/postgresql tracking bugs for this issue: Affects: fedora-34 [bug 2022681] Upstream commit: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=160c0258802d10b0600d7671b1bbea55d8e17d45 This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2021:5179 https://access.redhat.com/errata/RHSA-2021:5179 This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2021:5197 https://access.redhat.com/errata/RHSA-2021:5197 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-23222 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1891 https://access.redhat.com/errata/RHSA-2022:1891 |