PGS9-00-004300 - When updates are applied to PostgreSQL software, any software components that have been replaced or made unnecessary must be removed.

Information

Previous versions of PostgreSQL components that are not removed from the information system after updates have been installed may be exploited by adversaries.

Some PostgreSQL installation tools may remove older versions of software automatically from the information system. In other cases, manual review and removal will be required. In planning installations and upgrades, organizations must include steps (automated, manual, or both) to identify and remove the outdated modules.

A transition period may be necessary when both the old and the new software are required. This should be taken into account in the planning.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Use package managers (RPM or apt-get) for installing PostgreSQL. Unused software is removed when updated.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_PGS_SQL_9-x_V2R5_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-2(6), CAT|II, CCI|CCI-002617, Rule-ID|SV-214084r961677_rule, STIG-ID|PGS9-00-004300, STIG-Legacy|SV-87569, STIG-Legacy|V-72917, Vuln-ID|V-214084

Plugin: Unix

Control ID: ea8e87c01f8f404d2e75e13010a15dc8d38e0001764d4e3d87b0ab645fa27b3d