Oval Definition:oval:org.opensuse.security:def:52169
Revision Date:2020-12-01Version:1
Title:Security update for postgresql10 and postgresql12 (Moderate)
Description:

This update for postgresql10 and postgresql12 fixes the following issues:

postgresql10 was updated to 10.13 (bsc#1171924).

https://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/10/release-10-13.html

postgresql10 was updated to 10.12 (CVE-2020-1720, bsc#1163985)

- https://www.postgresql.org/about/news/2011/ - https://www.postgresql.org/docs/10/release-10-12.html

postgresql10 was updated to 10.11:

- https://www.postgresql.org/about/news/1994/ - https://www.postgresql.org/docs/10/release-10-11.html



postgresql12 was updated to 12.3 (bsc#1171924).

Bug Fixes and Improvements:

- Several fixes for GENERATED columns, including an issue where it was possible to crash or corrupt data in a table when the output of the generated column was the exact copy of a physical column on the table, e.g. if the expression called a function which could return its own input. - Several fixes for ALTER TABLE, including ensuring the SET STORAGE directive is propagated to a table's indexes. - Fix a potential race condition when using DROP OWNED BY while another session is deleting the same objects. - Allow for a partition to be detached when it has inherited ROW triggers. - Several fixes for REINDEX CONCURRENTLY, particularly with issues when a REINDEX CONCURRENTLY operation fails. - Fix crash when COLLATE is applied to an uncollatable type in a partition bound expression. - Fix performance regression in floating point overflow/underflow detection. - Several fixes for full text search, particularly with phrase searching. - Fix query-lifespan memory leak for a set-returning function used in a query's FROM clause. - Several reporting fixes for the output of VACUUM VERBOSE. - Allow input of type circle to accept the format (x,y),r, which is specified in the documentation. - Allow for the get_bit() and set_bit() functions to not fail on bytea strings longer than 256MB. - Avoid premature recycling of WAL segments during crash recovery, which could lead to WAL segments being recycled before being archived. - Avoid attempting to fetch nonexistent WAL files from archive storage during recovery by skipping irrelevant timelines. - Several fixes for logical replication and replication slots. - Fix several race conditions in synchronous standby management, including one that occurred when changing the synchronous_standby_names setting. - Several fixes for GSSAPI support, include a fix for a memory leak that occurred when using GSSAPI encryption. - Ensure that members of the pg_read_all_stats role can read all statistics views. - Fix performance regression in information_schema.triggers view. - Fix memory leak in libpq when using sslmode=verify-full. - Fix crash in psql when attempting to re-establish a failed connection. - Allow tab-completion of the filename argument to \gx command in psql. - Add pg_dump support for ALTER ... DEPENDS ON EXTENSION. - Several other fixes for pg_dump, which include dumping comments on RLS policies and postponing restore of event triggers until the end. - Ensure pg_basebackup generates valid tar files. - pg_checksums skips tablespace subdirectories that belong to a different PostgreSQL major version - Several Windows compatibility fixes

This update also contains timezone tzdata release 2020a for DST law changes in Morocco and the Canadian Yukon, plus historical corrections for Shanghai. The America/Godthab zone has been renamed to America/Nuuk to reflect current English usage ; however, the old name remains available as a compatibility link. This also updates initdb's list of known Windows time zone names to include recent additions.

For more details, check out:

- https://www.postgresql.org/docs/12/release-12-3.html

Other fixes:

- Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean and complete cutover to the new packaging schema.
Family:unixClass:patch
Status:Reference(s):1013712
1051510
1055186
1058115
1065600
1065729
1071995
1094244
1104967
1136666
1148643
1152107
1152148
1152472
1152489
1153274
1154353
1155518
1155798
1156395
1158755
1160398
1161074
1161312
1162002
1162629
1162632
1163985
1165280
1165289
1167527
1169511
1170011
1170232
1170774
1171000
1171068
1171073
1171078
1171352
1171558
1171673
1171688
1171732
1171742
1171868
1171924
1172257
1172419
1172757
1172775
1172781
1172782
1172783
1172873
1172999
1173017
1173060
1173115
1173265
1173267
1173280
1173514
1173567
1173573
1173659
1173746
1173999
1174000
1174029
1174110
1174111
1174115
1174358
1174462
1174484
1174486
1174543
1174899
1175263
1175667
1175718
1175749
1175787
1175882
1175952
1175996
1175997
1175998
1175999
1176000
1176001
1176019
1176022
1176038
1176063
1176137
1176235
1176236
1176237
1176242
1176278
1176357
1176358
1176359
1176360
1176361
1176362
1176363
1176364
1176365
1176366
1176367
1176381
1176423
1176449
1176482
1176486
1176507
1176536
1176537
1176538
1176539
1176540
1176541
1176542
1176544
1176545
1176546
1176548
1176558
1176559
1176587
1176588
1176659
1176698
1176699
1176700
1176721
1176722
1176725
1176732
1176763
1176775
1176788
1176789
1176833
1176869
1176877
1176925
1176962
1176980
1176990
1177021
1177030
1177409
1177412
1177413
1177414
CVE-2010-0624
CVE-2010-3430
CVE-2010-3431
CVE-2010-3853
CVE-2011-0465
CVE-2011-2895
CVE-2011-3148
CVE-2011-3149
CVE-2013-4238
CVE-2013-6370
CVE-2013-6371
CVE-2014-0250
CVE-2014-0250
CVE-2014-0791
CVE-2014-0791
CVE-2014-2583
CVE-2016-6321
CVE-2016-9798
CVE-2019-16746
CVE-2019-20908
CVE-2020-0305
CVE-2020-0404
CVE-2020-0427
CVE-2020-0431
CVE-2020-0432
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10769
CVE-2020-10773
CVE-2020-12771
CVE-2020-12888
CVE-2020-13974
CVE-2020-14385
CVE-2020-14390
CVE-2020-14416
CVE-2020-15393
CVE-2020-15780
CVE-2020-1699
CVE-2020-1700
CVE-2020-1720
CVE-2020-25212
CVE-2020-25284
CVE-2020-26088
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-27670
CVE-2020-27671
CVE-2020-27672
CVE-2020-27673
CVE-2020-2773
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
CVE-2020-7059
CVE-2020-7060
CVE-2020-7062
CVE-2020-7063
SUSE-SU-2019:3046-1
SUSE-SU-2020:0296-1
SUSE-SU-2020:0622-1
SUSE-SU-2020:1569-1
SUSE-SU-2020:2879-1
SUSE-SU-2020:3052-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • PackageKit-1.1.10-lp150.2 is installed
  • OR PackageKit-backend-zypp-1.1.10-lp150.2 is installed
  • OR PackageKit-gstreamer-plugin-1.1.10-lp150.2 is installed
  • OR PackageKit-gtk3-module-1.1.10-lp150.2 is installed
  • OR PackageKit-lang-1.1.10-lp150.2 is installed
  • OR libpackagekit-glib2-18-1.1.10-lp150.2 is installed
  • OR typelib-1_0-PackageKitGlib-1_0-1.1.10-lp150.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libecpg6-9.1.15-0.3 is installed
  • OR libpq5-9.1.15-0.3 is installed
  • OR libpq5-32bit-9.1.15-0.3 is installed
  • OR postgresql91-9.1.15-0.3 is installed
  • OR postgresql91-docs-9.1.15-0.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libarchive-3.1.2-9 is installed
  • OR libarchive13-3.1.2-9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • freerdp-1.0.2-7 is installed
  • OR libfreerdp-1_0-1.0.2-7 is installed
  • OR libfreerdp-1_0-plugins-1.0.2-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • freerdp-2.0.0~git.1463131968.4e66df7-11 is installed
  • OR libfreerdp2-2.0.0~git.1463131968.4e66df7-11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libjson-c2-0.11-2 is installed
  • OR libjson-c2-32bit-0.11-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • apparmor-docs-2.8.2-49 is installed
  • OR apparmor-parser-2.8.2-49 is installed
  • OR apparmor-profiles-2.8.2-49 is installed
  • OR apparmor-utils-2.8.2-49 is installed
  • OR libapparmor1-2.8.2-49 is installed
  • OR libapparmor1-32bit-2.8.2-49 is installed
  • OR pam_apparmor-2.8.2-49 is installed
  • OR pam_apparmor-32bit-2.8.2-49 is installed
  • OR perl-apparmor-2.8.2-49 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libecpg6-32bit-12.3-3.8 is installed
  • OR libpq5-32bit-12.3-3.8 is installed
  • OR postgresql-12.0.1-8.14 is installed
  • OR postgresql-test-12.0.1-8.14 is installed
  • OR postgresql12-12.3-3.8 is installed
  • OR postgresql12-test-12.3-3.8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • freeradius-server-3.0.3-10 is installed
  • OR freeradius-server-doc-3.0.3-10 is installed
  • OR freeradius-server-krb5-3.0.3-10 is installed
  • OR freeradius-server-ldap-3.0.3-10 is installed
  • OR freeradius-server-libs-3.0.3-10 is installed
  • OR freeradius-server-mysql-3.0.3-10 is installed
  • OR freeradius-server-perl-3.0.3-10 is installed
  • OR freeradius-server-postgresql-3.0.3-10 is installed
  • OR freeradius-server-python-3.0.3-10 is installed
  • OR freeradius-server-sqlite-3.0.3-10 is installed
  • OR freeradius-server-utils-3.0.3-10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • libecpg6-9.6.4-3.6 is installed
  • OR libpq5-9.6.4-3.6 is installed
  • OR libpq5-32bit-9.6.4-3.6 is installed
  • OR postgresql96-9.6.4-3.6 is installed
  • OR postgresql96-contrib-9.6.4-3.6 is installed
  • OR postgresql96-docs-9.6.4-3.6 is installed
  • OR postgresql96-libs-9.6.4-3.6 is installed
  • OR postgresql96-server-9.6.4-3.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gdm-3.10.0.1-52 is installed
  • OR gdm-lang-3.10.0.1-52 is installed
  • OR gdmflexiserver-3.10.0.1-52 is installed
  • OR libgdm1-3.10.0.1-52 is installed
  • OR typelib-1_0-Gdm-1_0-3.10.0.1-52 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • hostinfo-1.0.1-19.5 is installed
  • OR supportutils-3.0-95.21 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND wpa_supplicant-2.6-15.10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-4-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • dracut-044-113 is installed
  • OR dracut-fips-044-113 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_103-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-2-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-4-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • postgresql96-9.6.10-3.22 is installed
  • OR postgresql96-contrib-9.6.10-3.22 is installed
  • OR postgresql96-docs-9.6.10-3.22 is installed
  • OR postgresql96-libs-9.6.10-3.22 is installed
  • OR postgresql96-server-9.6.10-3.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cpio-2.11-36.3 is installed
  • OR cpio-lang-2.11-36.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • kernel-default-4.12.14-150.55 is installed
  • OR kernel-default-base-4.12.14-150.55 is installed
  • OR kernel-default-devel-4.12.14-150.55 is installed
  • OR kernel-default-man-4.12.14-150.55 is installed
  • OR kernel-devel-4.12.14-150.55 is installed
  • OR kernel-docs-4.12.14-150.55 is installed
  • OR kernel-macros-4.12.14-150.55 is installed
  • OR kernel-obs-build-4.12.14-150.55 is installed
  • OR kernel-source-4.12.14-150.55 is installed
  • OR kernel-syms-4.12.14-150.55 is installed
  • OR kernel-vanilla-4.12.14-150.55 is installed
  • OR kernel-vanilla-base-4.12.14-150.55 is installed
  • OR kernel-zfcpdump-4.12.14-150.55 is installed
  • OR reiserfs-kmp-default-4.12.14-150.55 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.252-3.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.252-3.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.252-3.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.252-3.35 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • bluez-5.48-5.19 is installed
  • OR bluez-cups-5.48-5.19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • kernel-default-5.3.18-24.24 is installed
  • OR kernel-default-extra-5.3.18-24.24 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • apache2-2.4.16-20.13 is installed
  • OR apache2-doc-2.4.16-20.13 is installed
  • OR apache2-example-pages-2.4.16-20.13 is installed
  • OR apache2-prefork-2.4.16-20.13 is installed
  • OR apache2-utils-2.4.16-20.13 is installed
  • OR apache2-worker-2.4.16-20.13 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libvirt-2.0.0-27.42 is installed
  • OR libvirt-client-2.0.0-27.42 is installed
  • OR libvirt-daemon-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-network-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed
  • OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed
  • OR libvirt-daemon-hooks-2.0.0-27.42 is installed
  • OR libvirt-daemon-lxc-2.0.0-27.42 is installed
  • OR libvirt-daemon-qemu-2.0.0-27.42 is installed
  • OR libvirt-daemon-xen-2.0.0-27.42 is installed
  • OR libvirt-doc-2.0.0-27.42 is installed
  • OR libvirt-lock-sanlock-2.0.0-27.42 is installed
  • OR libvirt-nss-2.0.0-27.42 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Django1-1.11.23-3.9 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
  • BACK