We are being told by our vulnerability scanning group at our version of PostgreSQL are at risk. As per this advisory - https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/ , they are stating we should be moving to 14.22. Are there plans to update the NTM package to include the newer version of PostgreSQL? We are currently being given a deadline of May of this year to comply.
Thanks!
Hey Art! We’ll be updating the version of PGSQL shipped with Threat Manager to 14.22 well before May. Keep an eye out for release notes so you know when that becomes available.
Also, I forgot to mention in my last post, you can go to the EDB website and grab the latest version of PG14 and install it to replace what we shipped in the last hotfix.
A note to others that may come across this later, you must install the same major version of PGSQL, in this case 14, and you must have already installed PGSQL with our installer that we ship so it sets up the database and schema.
Tried to download and run the 14.22 patch, got this message. It did appear to finish and NTM is currently running. Curious if you or anyone else has seen this.
Haven’t seen or had this reported yet. I’m curious if you reboot the NTM server if PGSQL is going to automatically start. Based on the error, I imagine that is worth checking.
I did reboot and it did start so I guess I’m good to go. It does show 14.22 as the version as well.
