安全漏洞

安全漏洞补丁公告

当前位置  >  首页  >  服务支持  >  安全漏洞  >  安全漏洞补丁公告

公告ID(KYSA-202106-0003

摘要:postgresql-12安全漏洞 安全等级:中等 公告ID:KYSA-202106-0003 发布日期: 2021-06-30 影响CVE:CVE-2021-32027,CVE-2021-32028,CVE-2021-32029

详细介绍

1. 修复的CVE信息

  • CVE-2021-32027

    ZOHO ManageEngine OpManager是美国卓豪(ZOHO)公司的一套网络、服务器及虚拟化监控软件。Zoho ManageEngine OpManager中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。以下产品及版本受到影响:Zoho ManageEngine OpManager: 12.5 125000, 12.5 125001, 12.5 125002, 12.5 125003, 12.5 125004, 12.5 125005, 12.5 125006, 12.5 125007, 12.5 125008, 12.5 125009, 12.5 125010, 12.5 125100, 12.5 125101, 12.5 125102, 12.5 125108, 12.5 125110, 12.5 125111, 12.5 125112, 12.5 125113, 12.5 125114, 12.5 125116, 12.5 125117, 12.5 125118, 12.5 125120, 12.5 125121, 12.5 125123, 12.5 125124, 12.5 125125, 12.5 125127, 12.5 125128, 12.5 125129, 12.5 125136, 12.5 125137, 12.5 125139, 12.5 125140, 12.5 125143, 12.5 125144, 12.5 125145, 12.5 125147, 12.5 125148, 12.5 125149, 12.5 125150, 12.5 125156, 12.5 125157, 12.5 125158, 12.5 125159, 12.5 125161, 12.5 125163, 12.5 125174, 12.5 125175, 12.5 125176, 12.5 125177, 12.5 125178, 12.5 125180, 12.5 125181, 12.5 125192, 12.5 125193, 12.5 125194, 12.5 125195, 12.5 125196, 12.5 125197, 12.5 125198, 12.5 125201, 12.5 125203, 12.5 125204, 12.5 125212, 12.5 125213, 12.5 125214, 12.5 125215, 12.5 125216, 12.5 125221, 12.5 125228, 12.5 125229, 12.5 125230, 12.5 125231, 12.5 125232, 12.5 125233, 12.5 125235, 12.5 125300, 12.5 125306, 12.5 125307, 12.5 125312, 12.5 125323, 12.5 125324, 12.5 125326, 12.5 125328, 12.5 125329, 12.5 125340, 12.5 125341, 12.5 125342, 12.5 125343, 12.5 125344, 12.5 125346, 12.5 125358, 12.5 125359, 12.5 125360, 12.5 125361, 12.5 125362, 12.5 125364, 12.5 125366, 12.5 125375, 12.5 125376, 12.5 125377, 12.5 125378, 12.5 125379, 12.5 125380, 12.5 125381, 12.5 125382, 12.5 125392, 12.5 125393, 12.5 125394

  • CVE-2021-32028

    Red Hat是美国红帽(Red Hat)公司的一个操作系统。提供了一个开源的操作系统。Red Hat Enterprise Linux 中存在安全漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。以下产品及版本受到影响:Zoho ManageEngine OpManager: 12.5 125000, 12.5 125001, 12.5 125002, 12.5 125003, 12.5 125004, 12.5 125005, 12.5 125006, 12.5 125007, 12.5 125008, 12.5 125009, 12.5 125010, 12.5 125100, 12.5 125101, 12.5 125102, 12.5 125108, 12.5 125110, 12.5 125111, 12.5 125112, 12.5 125113, 12.5 125114, 12.5 125116, 12.5 125117, 12.5 125118, 12.5 125120, 12.5 125121, 12.5 125123, 12.5 125124, 12.5 125125, 12.5 125127, 12.5 125128, 12.5 125129, 12.5 125136, 12.5 125137, 12.5 125139, 12.5 125140, 12.5 125143, 12.5 125144, 12.5 125145, 12.5 125147, 12.5 125148, 12.5 125149, 12.5 125150, 12.5 125156, 12.5 125157, 12.5 125158, 12.5 125159, 12.5 125161, 12.5 125163, 12.5 125174, 12.5 125175, 12.5 125176, 12.5 125177, 12.5 125178, 12.5 125180, 12.5 125181, 12.5 125192, 12.5 125193, 12.5 125194, 12.5 125195, 12.5 125196, 12.5 125197, 12.5 125198, 12.5 125201, 12.5 125203, 12.5 125204, 12.5 125212, 12.5 125213, 12.5 125214, 12.5 125215, 12.5 125216, 12.5 125221, 12.5 125228, 12.5 125229, 12.5 125230, 12.5 125231, 12.5 125232, 12.5 125233, 12.5 125235, 12.5 125300, 12.5 125306, 12.5 125307, 12.5 125312, 12.5 125323, 12.5 125324, 12.5 125326, 12.5 125328, 12.5 125329, 12.5 125340, 12.5 125341, 12.5 125342, 12.5 125343, 12.5 125344, 12.5 125346, 12.5 125358, 12.5 125359, 12.5 125360, 12.5 125361, 12.5 125362, 12.5 125364, 12.5 125366, 12.5 125375, 12.5 125376, 12.5 125377, 12.5 125378, 12.5 125379, 12.5 125380, 12.5 125381, 12.5 125382, 12.5 125392, 12.5 125393, 12.5 125394

  • CVE-2021-32029

    ZOHO ManageEngine OpManager是美国卓豪(ZOHO)公司的一套网络、服务器及虚拟化监控软件。ZOHO ManageEngine OpManager 中存在安全漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。以下产品及版本受到影响:Zoho ManageEngine OpManager: 12.5 125000, 12.5 125001, 12.5 125002, 12.5 125003, 12.5 125004, 12.5 125005, 12.5 125006, 12.5 125007, 12.5 125008, 12.5 125009, 12.5 125010, 12.5 125100, 12.5 125101, 12.5 125102, 12.5 125108, 12.5 125110, 12.5 125111, 12.5 125112, 12.5 125113, 12.5 125114, 12.5 125116, 12.5 125117, 12.5 125118, 12.5 125120, 12.5 125121, 12.5 125123, 12.5 125124, 12.5 125125, 12.5 125127, 12.5 125128, 12.5 125129, 12.5 125136, 12.5 125137, 12.5 125139, 12.5 125140, 12.5 125143, 12.5 125144, 12.5 125145, 12.5 125147, 12.5 125148, 12.5 125149, 12.5 125150, 12.5 125156, 12.5 125157, 12.5 125158, 12.5 125159, 12.5 125161, 12.5 125163, 12.5 125174, 12.5 125175, 12.5 125176, 12.5 125177, 12.5 125178, 12.5 125180, 12.5 125181, 12.5 125192, 12.5 125193, 12.5 125194, 12.5 125195, 12.5 125196, 12.5 125197, 12.5 125198, 12.5 125201, 12.5 125203, 12.5 125204, 12.5 125212, 12.5 125213, 12.5 125214, 12.5 125215, 12.5 125216, 12.5 125221, 12.5 125228, 12.5 125229, 12.5 125230, 12.5 125231, 12.5 125232, 12.5 125233, 12.5 125235, 12.5 125300, 12.5 125306, 12.5 125307, 12.5 125312, 12.5 125323, 12.5 125324, 12.5 125326, 12.5 125328, 12.5 125329, 12.5 125340, 12.5 125341, 12.5 125342, 12.5 125343, 12.5 125344, 12.5 125346, 12.5 125358, 12.5 125359, 12.5 125360, 12.5 125361, 12.5 125362, 12.5 125364, 12.5 125366, 12.5 125375, 12.5 125376, 12.5 125377, 12.5 125378, 12.5 125379, 12.5 125380, 12.5 125381, 12.5 125382, 12.5 125392, 12.5 125393, 12.5 125394

2. 受影响的软件包

  • 银河麒麟桌面操作系统V10 SP1

    libecpg-compat3

    libecpg-dev

    libecpg6

    libpgtypes3

    libpq-dev

    libpq5

    postgresql-12

    postgresql-client-12

    postgresql-doc-12

    postgresql-plperl-12

    postgresql-plpython3-12

    postgresql-pltcl-12

    postgresql-server-dev-12


3. 影响的操作系统

银河麒麟桌面操作系统V10 SP1

4. 修复版本

软件包:postgresql-12

(V10 SP1)

5. 修复方法

方法一:配置源进行升级安装

打开软件包源配置文件,根据仓库地址进行修改。

4.0.2桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2-desktop main restricted universe multiverse

4.0.2-sp1桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp1-desktop main restricted universe multiverse

4.0.2-sp2桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp2-desktop main restricted universe multiverse

4.0.2-sp3桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp3-desktop main restricted universe multiverse

4.0.2-sp4桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp4-desktop main restricted universe multiverse

10.0版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 10.0 main restricted universe multiverse

10SP1版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 10.1 main restricted universe multiverse

配置完成后执行更新命令进行升级。$sudo apt update

方法二:下载安装包进行升级安装

通过软件包地址下载软件包,使用软件包升级命令根据受影响的组件包列表 升级相关的组件包。$dpkg -i Packagelists

6. 软件包下载地址



上一篇: KYSA-202106-0002 下一篇: KYSA-202106-0005

试用

服务

动态

联系