[El-errata] ELSA-2024-10882 Important: Oracle Linux 7 postgresql security update

Thu Dec 26 12:48:05 UTC 2024

Oracle Linux Security Advisory ELSA-2024-10882

http://linux.oracle.com/errata/ELSA-2024-10882.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
postgresql-9.2.24-9.0.3.el7_9.i686.rpm
postgresql-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-contrib-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-devel-9.2.24-9.0.3.el7_9.i686.rpm
postgresql-devel-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-docs-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-libs-9.2.24-9.0.3.el7_9.i686.rpm
postgresql-libs-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-plperl-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-plpython-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-pltcl-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-server-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-static-9.2.24-9.0.3.el7_9.i686.rpm
postgresql-static-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-test-9.2.24-9.0.3.el7_9.x86_64.rpm
postgresql-upgrade-9.2.24-9.0.3.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//postgresql-9.2.24-9.0.3.el7_9.src.rpm

Related CVEs:

CVE-2024-10979

Description of changes:

[9.2.24-9.0.3]
- Fixes CVE-2024-10979 where environment variable mutations [Orabug: 37370704]
- are incorrectly allowed from trusted PL/Perl code