[SECURITY] Fedora 29 Update: postgresql-10.10-1.fc29

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-5fbbf73269 2019-08-19 02:28:49.021623 -------------------------------------------------------------------------------- Name : postgresql Product : Fedora 29 Version : 10.10 Release : 1.fc29 URL : http://www.postgresql.org/ Summary : PostgreSQL client programs Description : PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine as the PostgreSQL server, or on a remote machine that accesses a PostgreSQL server over a network connection. The PostgreSQL server can be found in the postgresql-server sub-package. -------------------------------------------------------------------------------- Update Information: New upstream release 10.10 Per release notes: https://www.postgresql.org/docs/11/release-10-10.html -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 7 2019 Petr Kubat <pkubat(a)redhat.com&gt; - 10.10-1 - New upstream release 10.10 https://www.postgresql.org/docs/10/release-10-10.html * Thu Jul 11 2019 Petr Kubat <pkubat(a)redhat.com&gt; - 10.9-1 - New upstream release 10.9 https://www.postgresql.org/docs/10/release-10-9.html * Thu May 9 2019 Patrik Novotn�� <panovotn(a)redhat.com&gt; - 10.8-1 - New postgresql-setup 8.4 - New upstream release 10.8 https://www.postgresql.org/docs/10/release-10-8.html * Thu Feb 14 2019 Patrik Novotn�� <panovotn(a)redhat.com&gt; - 10.7-1 - Rebase to upstream version 10.7 https://www.postgresql.org/docs/10/release-10-7.html * Wed Nov 7 2018 Patrik Novotn�� <panovotn(a)redhat.com&gt; - 10.6-1 - Rebase to upstream version 10.6 https://www.postgresql.org/docs/10/release-10-6.html -------------------------------------------------------------------------------- References: [ 1 ] Bug #1734416 - CVE-2019-10208 postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution https://bugzilla.redhat.com/show_bug.cgi?id=1734416 [ 2 ] Bug #1734461 - CVE-2019-10211 postgresql: Windows installer bundled OpenSSL executes code from unprotected directory https://bugzilla.redhat.com/show_bug.cgi?id=1734461 [ 3 ] Bug #1734447 - CVE-2019-10209 postgresql: Memory disclosure in cross-type comparison for hashed subplan https://bugzilla.redhat.com/show_bug.cgi?id=1734447 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-5fbbf73269' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------