I installed v12.2-4 on my Windows VM, launched StackBuilder and upgraded to version v12.9-1 (the latest stable release) and the registry entry was updated. I've attached the screenshots.
If the installation log is provided, we may know if the upgrade was really successful.
On Thursday, November 11, 2021, Bruce Momjian <bruce@momjian.us> wrote:
On Thu, Nov 11, 2021 at 03:49:29PM +0000, Kishore Isaac wrote: > > > We were informed by a customer using Tenable reports that we needed to upgrade > Postgres from 12.2 to 12.7 due to vulnerability issues. We have since upgraded > to the requested version of Postgres (12.7) but the Tenable report scans still > show that the version is 12.2. After reaching out the Tenable, we found that > the version information is not updated in the system registry where Tenable is > pulling the information from. Is there any resolution for this? > > > > Below is the registry information:
Uh, I have no idea what Tenable is, which I think means we don't control that way of distributing Postgres.
IIUC Tenable is just a system scanner. Apparently whomever built the Windows installer/upgrade binary for this customer (likely EDB) puts version info, during initial install, into the Window’s Registry but doesn’t update that information upon performing a minor release patch. This seems like a bug, though not of the core project but the distributor.