- Newest
- Most votes
- Most comments
Hello.
It should have been fixed in the minor version mentioned in the documentation below, so I think RDS PostgreSQL also needs to be updated to that minor version.
https://www.postgresql.org/support/security/CVE-2024-10979/
For example, if you are using the 16 series version of RDS PostgreSQL, you will need to update to 16.5.
https://docs.aws.amazon.com/AmazonRDS/latest/PostgreSQLReleaseNotes/postgresql-release-calendar.html
You can change the database engine version by following the steps in the document below.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html
Yes, Amazon RDS and Amazon Aurora for PostgreSQL can be at risk for CVE-2024-10979 if they are running an affected version of PostgreSQL.
To apply the fix:
- Check your PostgreSQL version in RDS or Aurora.
- Update to the patched version. You can enable auto minor version upgrades or manually update through the RDS console.
- Verify the update to ensure the fix is applied.
Always make sure to back up your database before performing any updates.
Relevant content
- asked 9 months ago
- asked 10 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 months ago