Oval Definition:	oval:org.opensuse.security:def:55772
Revision Date: 2020-12-04 Version: 1 Title: Security update for postgresql12 (Important) Description: This update for postgresql12 fixes the following issues: Upgrade to version 12.5: CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * Fix recently-added timetz test case so it works when the USA is not observing daylight savings time. (obsoletes postgresql-timetz.patch) * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/12/release-12-5.html The previous postgresql12 update already addressed: Update to 12.4: CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. https://www.postgresql.org/docs/12/release-12-4.html Family: unix Class: patch Status: Reference(s): 1000396 1001299 1001759 1010829 1013659 1013678 1013680 1016712 1016714 1016715 1040039 1047184 1049305 1049306 1049307 1049309 1049310 1049311 1049312 1049313 1049314 1049315 1049316 1049317 1049318 1049319 1049320 1049321 1049322 1049323 1049324 1049325 1049326 1049327 1049328 1049329 1049330 1049331 1049332 1052318 1064071 1064072 1064073 1064075 1064077 1064078 1064079 1064080 1064081 1064082 1064083 1064084 1064085 1064086 1076118 1090638 1107832 1108963 1110233 1111498 1117025 1117382 1120658 1122000 1122344 1123333 1123892 1125352 1175193 1175194 1178666 1178667 1178668 853824 858673 870444 884698 885302 894575 897816 898812 898884 901924 911363 920057 922709 932996 935634 938344 939709 939712 980663 987394 CVE-2013-6425 CVE-2014-0015 CVE-2014-3591 CVE-2014-3613 CVE-2014-3707 CVE-2014-6277 CVE-2014-6278 CVE-2014-8150 CVE-2014-9474 CVE-2015-0837 CVE-2015-2751 CVE-2015-3259 CVE-2015-4164 CVE-2015-5154 CVE-2015-5165 CVE-2015-5166 CVE-2016-0634 CVE-2016-0736 CVE-2016-0752 CVE-2016-10165 CVE-2016-2161 CVE-2016-6153 CVE-2016-7543 CVE-2016-8743 CVE-2016-9445 CVE-2016-9446 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 CVE-2017-10118 CVE-2017-10125 CVE-2017-10135 CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2017-17833 CVE-2017-3145 CVE-2018-14633 CVE-2018-14634 CVE-2018-17182 CVE-2019-6454 CVE-2020-14349 CVE-2020-14350 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 SUSE-SU-2015:1479-2 SUSE-SU-2015:1626-1 SUSE-SU-2016:1945-1 SUSE-SU-2016:2872-1 SUSE-SU-2016:3297-1 SUSE-SU-2017:0801-1 SUSE-SU-2018:0005-1 SUSE-SU-2018:0303-1 SUSE-SU-2018:2779-1 SUSE-SU-2018:3171-1 SUSE-SU-2019:0428-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information MozillaThunderbird-52.7-lp150.2 is installed OR MozillaThunderbird-translations-common-52.7-lp150.2 is installed OR MozillaThunderbird-translations-other-52.7-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND system-user-root-20190513-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information curl-7.19.7-1.20.31 is installed OR libcurl4-7.19.7-1.20.31 is installed OR libcurl4-32bit-7.19.7-1.20.31 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information curl-7.19.7-1.40 is installed OR libcurl4-7.19.7-1.40 is installed OR libcurl4-32bit-7.19.7-1.40 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libsqlite3-0-3.8.10.2-3 is installed OR libsqlite3-0-32bit-3.8.10.2-3 is installed OR sqlite3-3.8.10.2-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libsystemd0-228-150.63 is installed OR libsystemd0-32bit-228-150.63 is installed OR libudev1-228-150.63 is installed OR libudev1-32bit-228-150.63 is installed OR systemd-228-150.63 is installed OR systemd-32bit-228-150.63 is installed OR systemd-bash-completion-228-150.63 is installed OR systemd-sysvinit-228-150.63 is installed OR udev-228-150.63 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libmpfr4-3.1.2-7 is installed OR libmpfr4-32bit-3.1.2-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXcursor1-1.1.14-3 is installed OR libXcursor1-32bit-1.1.14-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.73 is installed OR kernel-default-base-4.4.121-92.73 is installed OR kernel-default-devel-4.4.121-92.73 is installed OR kernel-devel-4.4.121-92.73 is installed OR kernel-macros-4.4.121-92.73 is installed OR kernel-source-4.4.121-92.73 is installed OR kernel-syms-4.4.121-92.73 is installed OR kgraft-patch-4_4_121-92_73-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_21-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libecpg6-12.5-3.9.3 is installed OR libpq5-12.5-3.9.3 is installed OR libpq5-32bit-12.5-3.9.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_nss-1.0.14-18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.55-38.44 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND gdb-8.3.1-2.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cups-filters-1.0.58-19.2 is installed OR cups-filters-cups-browsed-1.0.58-19.2 is installed OR cups-filters-foomatic-rip-1.0.58-19.2 is installed OR cups-filters-ghostscript-1.0.58-19.2 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-actionview-4_2-4.2.2-5 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libdcerpc-atsvc0-4.2.4-28.29 is installed OR samba-4.2.4-28.29 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.121 is installed OR kernel-default-base-4.4.180-94.121 is installed OR kernel-default-devel-4.4.180-94.121 is installed OR kernel-default-kgraft-4.4.180-94.121 is installed OR kernel-devel-4.4.180-94.121 is installed OR kernel-macros-4.4.180-94.121 is installed OR kernel-source-4.4.180-94.121 is installed OR kernel-syms-4.4.180-94.121 is installed OR kgraft-patch-4_4_180-94_121-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_32-1-4.5 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND haproxy-1.6.11-11.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-Django-1.11.23-3.12 is installed
BACK