Hi Allan,

Sage 300 CRE version 20.5 was released in December which includes an updated version of Actian (Pervasive) PSQL 12.11 - you can find the links here:

https://www.sagecity.com/us/sage_construction_and_real_estate/f/sage-cre-announcements-news-and-tips/178554/sage-300-cre-announcing-the-2021-year-end-version

You can also subscribe to the Sage 300 CRE Announcements, News, and Alerts forum to be notified when a new release is available:

https://www.sagecity.com/us/sage_construction_and_real_estate/f/sage-cre-announcements-news-and-tips

Thanks!

Hi Jesse, Thanks for the reply, however I tried to search through the knowledge base and the release note, I couldn't find the PSQL 12.11 mentioned in version 20.5. Maybe I missed out somewhere, do you happened to know which part indicate on the PSQL portion, as my cyber team is quite particular on this information.

I also cross check with Sage Support, they are not sure about the PSQL versioning vulnerability fixes too, they just ask me to wait for the upcoming release note.

Hi Allan,

I did some checking into this - PSQL 12.11 was a patch that was released by Actian in 2017. We implemented that patch in version 17 or 18 (I'm still getting clarification as to exactly when).

When you install Sage 300 CRE, Actian PSQL 12 installs along with the patch, however if for some reason Actian PSQL 12 is installed or re-installed separately, then the patch needs to also be installed.

You can find the patches for both the server and client PSQL engines in the install folder on the server:

\TIMBERLINE OFFICE\9.5\Accounting\WinInst\Prerequisites

If you need assistance with the patches and you have an active support plan, you can reach out to Sage Support.

Thanks!

Hi Allan,

I did some checking into this - PSQL 12.11 was a patch that was released by Actian in 2017. We implemented that patch in version 17 or 18 (I'm still getting clarification as to exactly when).

When you install Sage 300 CRE, Actian PSQL 12 installs along with the patch, however if for some reason Actian PSQL 12 is installed or re-installed separately, then the patch needs to also be installed.

You can find the patches for both the server and client PSQL engines in the install folder on the server:

\TIMBERLINE OFFICE\9.5\Accounting\WinInst\Prerequisites

If you need assistance with the patches and you have an active support plan, you can reach out to Sage Support.

Thanks!

Hi Jesse,

Does the PSQL Version Vulnerability CVE-2017-11757 resolved in this v12 SP1? As this is what I found in the web regards to this vulnerability:- cve.mitre.org/.../cvename.cgi

I believe we did not reinstalled separately, because PSQL was installed together with Sage.

Hi Jesse, Do you know whether the Vulnerability has been resolved in the PSQL v12SP1 by Sage?