Re: Security Vulnerability on PostgreSQL VMs - Mailing list pgsql-general

From Ron
Subject Re: Security Vulnerability on PostgreSQL VMs
Date
Msg-id 4f8aeea5-af08-49d5-e5e2-18f3a6efe67a@gmail.com
Whole thread Raw
In response to Security Vulnerability on PostgreSQL VMs  ("Hilbert, Karin" <ioh1@psu.edu>)
List pgsql-general
There has to be some "yum" or "rpm" option to show what depends on those packages.

On 7/17/20 10:44 AM, Hilbert, Karin wrote:
P {margin-top:0;margin-bottom:0;}
We have PostgreSQL v9.6 & also PostgreSQL v11.8 installed on various Linux VMs with Red Hat Enterprise Linux Server release 7.8 (Maipo) OS.  We're also running repmgr v5.1.0 & PgBouncer v1.13.

We're getting vulnerability reports from our Security Office for the following packages:
 - python-pulp-agent-lib-2.13.4.16-1.el7sat
 - python-gofer-2.12.5-5.el7sat

For some reason these packages aren't being updated to the current versions & our Linux Admins haven't been able to resolve the update issue.  It has something to do with a satellite?   (I'm not a Linux Admin - I don't really know what they're talking about).  Anyway, are these packages anything that would be required by PostgreSQL, repmgr or PgBouncer?  It's nothing that I installed on the VMs - I assume that it's something installed along with the OS.  The Linux Admin's recommendation is to just remove these packages.

Thanks, 
Karin Hilbert


--
Angular momentum makes the world go 'round.

pgsql-general by date:

Previous
From: "Hilbert, Karin"
Date:
Subject: Security Vulnerability on PostgreSQL VMs
Next
From: Diego
Date:
Subject: Re: Security Vulnerability on PostgreSQL VMs