Re: Security Vulnerability on PostgreSQL VMs

Ron <ronljohnsonjr@gmail.com>

From: Ron <ronljohnsonjr@gmail.com>
To: pgsql-general@lists.postgresql.org
Date: 2020-07-17T16:03:43Z
Lists: pgsql-general
There has to be some "yum" or "rpm" option to show what depends on those 
packages.

On 7/17/20 10:44 AM, Hilbert, Karin wrote:
> We have PostgreSQL v9.6 & also PostgreSQL v11.8 installed on various Linux 
> VMs with Red Hat Enterprise Linux Server release 7.8 (Maipo) OS.  We're 
> also running repmgr v5.1.0 & PgBouncer v1.13.
>
> We're getting vulnerability reports from our Security Office for the 
> following packages:
>  - python-pulp-agent-lib-2.13.4.16-1.el7sat
>  - python-gofer-2.12.5-5.el7sat
>
> For some reason these packages aren't being updated to the current 
> versions & our LinuxAdmins haven't been able to resolve the update issue.  
> It has something to do with a satellite?  (I'm not a Linux Admin - I don't 
> really know what they're talking about).  Anyway, *are these packages 
> anything that would be required by PostgreSQL, repmgr or PgBouncer?*  It's 
> nothing that I installed on the VMs - I assume that it's something 
> installed along with the OS.  The Linux Admin's recommendation is to just 
> remove these packages.
>
> Thanks,
> Karin Hilbert
>

-- 
Angular momentum makes the world go 'round.