Re: Tenable Report Issue even after upgrading to correct Postgres version

Hi,

I installed v12.2-4 on my Windows VM, launched StackBuilder and upgraded to
version v12.9-1 (the latest stable release) and the registry entry was
updated. I've attached the screenshots.

If the installation log is provided, we may know if the upgrade was really
successful.

On Thu, Nov 11, 2021 at 11:24 PM David G. Johnston <
david(dot)g(dot)johnston(at)gmail(dot)com> wrote:

> On Thursday, November 11, 2021, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
>
>> On Thu, Nov 11, 2021 at 03:49:29PM +0000, Kishore Isaac wrote:
>> >
>> >
>> > We were informed by a customer using Tenable reports that we needed to
>> upgrade
>> > Postgres from 12.2 to 12.7 due to vulnerability issues. We have since
>> upgraded
>> > to the requested version of Postgres (12.7) but the Tenable report
>> scans still
>> > show that the version is 12.2. After reaching out the Tenable, we found
>> that
>> > the version information is not updated in the system registry where
>> Tenable is
>> > pulling the information from. Is there any resolution for this?
>> >
>> >
>> >
>> > Below is the registry information:
>>
>> Uh, I have no idea what Tenable is, which I think means we don't control
>> that way of distributing Postgres.
>>
>
> IIUC Tenable is just a system scanner. Apparently whomever built the
> Windows installer/upgrade binary for this customer (likely EDB) puts
> version info, during initial install, into the Window’s Registry but
> doesn’t update that information upon performing a minor release patch.
> This seems like a bug, though not of the core project but the distributor.
>
> David J.
>
>

--
Sandeep Thakkar