Oval Definition:	oval:org.opensuse.security:def:58373
Revision Date: 2020-12-01 Version: 1 Title: Security update for postgresql10 (Important) Description: This update for postgresql10 fixes the following issues: Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/10/release-10-15.html Update to 10.14: * CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. * https://www.postgresql.org/docs/10/release-10-14.html Family: unix Class: patch Status: Reference(s): 1003577 1003579 1003580 1013882 1029638 1029639 1029706 1029707 1029751 1038505 1042037 1045160 1045315 1048575 1057406 1082023 1103098 1124211 1139073 1141035 1141322 1141493 1144902 1145092 1153108 1155988 1156321 1157770 1158527 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1159819 1168669 1169746 1170908 1171978 1173022 1175193 1175194 1178666 1178667 1178668 906574 924960 933288 933878 936227 942865 957566 957567 957598 957600 960837 971741 972127 CVE-2012-6706 CVE-2014-8964 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-5073 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2016-1283 CVE-2016-3191 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-12652 CVE-2017-1289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2017-6435 CVE-2017-6436 CVE-2017-6437 CVE-2017-6438 CVE-2017-6439 CVE-2017-7659 CVE-2017-9789 CVE-2018-5391 CVE-2019-10208 CVE-2019-10218 CVE-2019-10220 CVE-2019-11135 CVE-2019-11139 CVE-2019-11745 CVE-2019-13272 CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-1387 CVE-2019-17006 CVE-2019-19604 CVE-2019-7317 CVE-2020-12399 CVE-2020-12402 CVE-2020-14349 CVE-2020-14350 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 SUSE-SU-2016:3161-1 SUSE-SU-2017:0003-1 SUSE-SU-2017:1385-1 SUSE-SU-2017:1745-1 SUSE-SU-2017:2201-1 SUSE-SU-2018:0261-1 SUSE-SU-2019:2159-1 SUSE-SU-2019:2988-1 SUSE-SU-2019:3060-2 SUSE-SU-2020:0088-1 SUSE-SU-2020:1839-1 SUSE-SU-2020:3464-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libXvnc1-1.8.0-lp150.9 is installed OR tigervnc-1.8.0-lp150.9 is installed OR xorg-x11-Xvnc-1.8.0-lp150.9 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information MozillaThunderbird-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-buildsymbols-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-common-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-other-60.7.2-lp151.2.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libpcre1-8.39-7 is installed OR libpcre1-32bit-8.39-7 is installed OR libpcre16-0-8.39-7 is installed OR pcre-8.39-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20191112a-13.56 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ppp-2.4.7-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information icu-52.1-8.10 is installed OR libicu-doc-52.1-8.10 is installed OR libicu52_1-52.1-8.10 is installed OR libicu52_1-32bit-52.1-8.10 is installed OR libicu52_1-data-52.1-8.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsndfile-1.0.25-36.16 is installed OR libsndfile1-1.0.25-36.16 is installed OR libsndfile1-32bit-1.0.25-36.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND libvdpau1-1.1.1-6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information postgresql10-10.15-4.9 is installed OR postgresql10-contrib-10.15-4.9 is installed OR postgresql10-docs-10.15-4.9 is installed OR postgresql10-plperl-10.15-4.9 is installed OR postgresql10-plpython-10.15-4.9 is installed OR postgresql10-pltcl-10.15-4.9 is installed OR postgresql10-server-10.15-4.9 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libsolv-0.6.36-2.16 is installed OR libsolv-tools-0.6.36-2.16 is installed OR libzypp-16.20.0-2.39 is installed OR perl-solv-0.6.36-2.16 is installed OR python-solv-0.6.36-2.16 is installed OR zypper-1.13.51-21.26 is installed OR zypper-log-1.13.51-21.26 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-core-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-core-branding-upstream-5.0+git.1533887407.6e9b0412d-3.8 is installed OR crowbar-devel-5.0+git.1528696845.81a7b5d0-3.3 is installed OR crowbar-ha-5.0+git.1530177874.35b9099-3.3 is installed OR crowbar-init-5.0+git.1520420379.d5bbb35-3.3 is installed OR crowbar-openstack-5.0+git.1534167599.d325ef804-4.8 is installed OR crowbar-ui-1.2.0+git.1533844061.4ac8e723-3.3 is installed
BACK