| From: | "Hilbert, Karin" <ioh1(at)psu(dot)edu> |
|---|---|
| To: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Security Vulnerability on PostgreSQL VMs |
| Date: | 2020-07-17 15:44:09 |
| Message-ID: | DM6PR02MB4939F413FCBF04BA63DE7E99897C0@DM6PR02MB4939.namprd02.prod.outlook.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
We have PostgreSQL v9.6 & also PostgreSQL v11.8 installed on various Linux VMs with Red Hat Enterprise Linux Server release 7.8 (Maipo) OS. We're also running repmgr v5.1.0 & PgBouncer v1.13.
We're getting vulnerability reports from our Security Office for the following packages:
- python-pulp-agent-lib-2.13.4.16-1.el7sat
- python-gofer-2.12.5-5.el7sat
For some reason these packages aren't being updated to the current versions & our Linux Admins haven't been able to resolve the update issue. It has something to do with a satellite? (I'm not a Linux Admin - I don't really know what they're talking about). Anyway, are these packages anything that would be required by PostgreSQL, repmgr or PgBouncer? It's nothing that I installed on the VMs - I assume that it's something installed along with the OS. The Linux Admin's recommendation is to just remove these packages.
Thanks,
Karin Hilbert
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ron | 2020-07-17 16:03:43 | Re: Security Vulnerability on PostgreSQL VMs |
| Previous Message | Diego | 2020-07-17 15:12:47 | Re: About compress in pg_dump |