--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-5fbbf73269
2019-08-19 02:28:49.021623
--------------------------------------------------------------------------------
Name : postgresql
Product : Fedora 29
Version : 10.10
Release : 1.fc29
URL :
http://www.postgresql.org/
Summary : PostgreSQL client programs
Description :
PostgreSQL is an advanced Object-Relational database management system (DBMS).
The base postgresql package contains the client programs that you'll need to
access a PostgreSQL DBMS server, as well as HTML documentation for the whole
system. These client programs can be located on the same machine as the
PostgreSQL server, or on a remote machine that accesses a PostgreSQL server
over a network connection. The PostgreSQL server can be found in the
postgresql-server sub-package.
--------------------------------------------------------------------------------
Update Information:
New upstream release 10.10 Per release notes:
https://www.postgresql.org/docs/11/release-10-10.html
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 7 2019 Petr Kubat <pkubat(a)redhat.com> - 10.10-1
- New upstream release 10.10
https://www.postgresql.org/docs/10/release-10-10.html
* Thu Jul 11 2019 Petr Kubat <pkubat(a)redhat.com> - 10.9-1
- New upstream release 10.9
https://www.postgresql.org/docs/10/release-10-9.html
* Thu May 9 2019 Patrik Novotn�� <panovotn(a)redhat.com> - 10.8-1
- New postgresql-setup 8.4
- New upstream release 10.8
https://www.postgresql.org/docs/10/release-10-8.html
* Thu Feb 14 2019 Patrik Novotn�� <panovotn(a)redhat.com> - 10.7-1
- Rebase to upstream version 10.7
https://www.postgresql.org/docs/10/release-10-7.html
* Wed Nov 7 2018 Patrik Novotn�� <panovotn(a)redhat.com> - 10.6-1
- Rebase to upstream version 10.6
https://www.postgresql.org/docs/10/release-10-6.html
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1734416 - CVE-2019-10208 postgresql: TYPE in pg_temp executes arbitrary SQL
during SECURITY DEFINER execution
https://bugzilla.redhat.com/show_bug.cgi?id=1734416
[ 2 ] Bug #1734461 - CVE-2019-10211 postgresql: Windows installer bundled OpenSSL
executes code from unprotected directory
https://bugzilla.redhat.com/show_bug.cgi?id=1734461
[ 3 ] Bug #1734447 - CVE-2019-10209 postgresql: Memory disclosure in cross-type
comparison for hashed subplan
https://bugzilla.redhat.com/show_bug.cgi?id=1734447
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-5fbbf73269' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------