Centos Linux: CVE-2021-23214: Moderate: postgresql:12 security update (Multiple Advisories) ~ Vulnerability Database

Description
It was found that a PostgreSQL server could accept plain text data during the establishment of an SSL connection. When a user is requesting a certificate based authentication, an active Person in the Middle could use this flaw in order to inject arbitrary SQL commands.
Solution(s)
centos-upgrade-pg_repack
centos-upgrade-pg_repack-debuginfo
centos-upgrade-pg_repack-debugsource
centos-upgrade-pgaudit
centos-upgrade-pgaudit-debuginfo
centos-upgrade-pgaudit-debugsource
centos-upgrade-postgres-decoderbufs
centos-upgrade-postgres-decoderbufs-debuginfo
centos-upgrade-postgres-decoderbufs-debugsource
centos-upgrade-postgresql
centos-upgrade-postgresql-contrib
centos-upgrade-postgresql-contrib-debuginfo
centos-upgrade-postgresql-debuginfo
centos-upgrade-postgresql-debugsource
centos-upgrade-postgresql-docs
centos-upgrade-postgresql-docs-debuginfo
centos-upgrade-postgresql-plperl
centos-upgrade-postgresql-plperl-debuginfo
centos-upgrade-postgresql-plpython3
centos-upgrade-postgresql-plpython3-debuginfo
centos-upgrade-postgresql-pltcl
centos-upgrade-postgresql-pltcl-debuginfo
centos-upgrade-postgresql-server
centos-upgrade-postgresql-server-debuginfo
centos-upgrade-postgresql-server-devel
centos-upgrade-postgresql-server-devel-debuginfo
centos-upgrade-postgresql-static
centos-upgrade-postgresql-test
centos-upgrade-postgresql-test-debuginfo
centos-upgrade-postgresql-test-rpm-macros
centos-upgrade-postgresql-upgrade
centos-upgrade-postgresql-upgrade-debuginfo
centos-upgrade-postgresql-upgrade-devel
centos-upgrade-postgresql-upgrade-devel-debuginfo


ReferencesCESA-2021:5235
CESA-2021:5236
CVE-2021-23214

Cyber Details

Thursday, December 23, 2021

Centos Linux: CVE-2021-23214: Moderate: postgresql:12 security update (Multiple Advisories)

Source Sites

Subscribe to an RSS Feed

Blog Archive