Oval Definition:oval:org.opensuse.security:def:58780
Revision Date:2021-01-26Version:1
Title:Security update for postgresql, postgresql12, postgresql13 (Important)
Description:

This update for postgresql, postgresql12, postgresql13 fixes the following issues:

Initial packaging of PostgreSQL 13:

https://www.postgresql.org/about/news/2077/ * https://www.postgresql.org/docs/13/release-13.html

Changes in postgresql:

- Bump postgresql major version to 13.

Changes in postgresql12:

- %ghost the symlinks to pg_config and ecpg. (bsc#1178961) - BuildRequire libpq5 and libecpg6 when not building them to avoid dangling symlinks in the devel package. (bsc#1179765) - Fix a DST problem in the test suite.

Changes in postgresql13:

- Add postgresql-icu68.patch: fix build with ICU 68

- %ghost the symlinks to pg_config and ecpg. (bsc#1178961) - BuildRequire libpq5 and libecpg6 when not building them to avoid dangling symlinks in the devel package. (bsc#1179765)

Upgrade to version 13.1:

CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * Fix recently-added timetz test case so it works when the USA is not observing daylight savings time. (obsoletes postgresql-timetz.patch) * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/13/release-13-1.html

- Fix a DST problem in the test suite.


Family:unixClass:patch
Status:Reference(s):1016715
1043978
1047044
1047443
1047898
1050120
1050606
1051446
1052468
1052550
1052710
1052720
1052731
1052732
1055065
1055323
1055434
1055855
1058640
1059751
1059911
1059912
1059913
1069874
1074123
1074969
1074973
1074975
1077355
1087082
1087083
1089343
1104134
1104826
1107832
1110233
1132728
1132729
1132732
1132734
1134718
1141670
1150003
1150250
1155787
1163933
1176409
1176412
1178666
1178667
1178668
1178961
1179765
CVE-2010-0405
CVE-2011-1521
CVE-2011-2721
CVE-2011-3389
CVE-2011-3627
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150
CVE-2012-1457
CVE-2012-1458
CVE-2012-1459
CVE-2012-6706
CVE-2013-1752
CVE-2013-1753
CVE-2013-4238
CVE-2013-6497
CVE-2014-1912
CVE-2014-3970
CVE-2014-4650
CVE-2014-7185
CVE-2014-9050
CVE-2014-9328
CVE-2014-9474
CVE-2015-1142857
CVE-2015-1461
CVE-2015-1462
CVE-2015-1463
CVE-2015-2170
CVE-2015-2221
CVE-2015-2222
CVE-2015-2305
CVE-2015-2668
CVE-2015-9542
CVE-2016-0772
CVE-2016-1000110
CVE-2016-10396
CVE-2016-4975
CVE-2016-5636
CVE-2016-5699
CVE-2016-8743
CVE-2017-10800
CVE-2017-11141
CVE-2017-11529
CVE-2017-11644
CVE-2017-11724
CVE-2017-12434
CVE-2017-12564
CVE-2017-12667
CVE-2017-12670
CVE-2017-12672
CVE-2017-12675
CVE-2017-13060
CVE-2017-13146
CVE-2017-13648
CVE-2017-13658
CVE-2017-14245
CVE-2017-14246
CVE-2017-14326
CVE-2017-14533
CVE-2017-14634
CVE-2017-16942
CVE-2017-17881
CVE-2017-18022
CVE-2017-2518
CVE-2017-6892
CVE-2018-14633
CVE-2018-17182
CVE-2018-3639
CVE-2018-3640
CVE-2018-3646
CVE-2018-5246
CVE-2018-5247
CVE-2019-10245
CVE-2019-1547
CVE-2019-1563
CVE-2019-2602
CVE-2019-2684
CVE-2019-2697
CVE-2019-2698
CVE-2020-14392
CVE-2020-14393
CVE-2020-25694
CVE-2020-25695
CVE-2020-25696
SUSE-SU-2018:0130-1
SUSE-SU-2018:0352-1
SUSE-SU-2018:0424-1
SUSE-SU-2018:0674-1
SUSE-SU-2018:2331-1
SUSE-SU-2018:2815-1
SUSE-SU-2019:1644-1
SUSE-SU-2019:2413-1
SUSE-SU-2020:1117-1
SUSE-SU-2020:2661-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libXRes1-1.2.0-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND storeBackup-3.5-lp151.5.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libsndfile-1.0.25-36.7 is installed
  • OR libsndfile1-1.0.25-36.7 is installed
  • OR libsndfile1-32bit-1.0.25-36.7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.35-30.50 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.35-30.50 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.35-30.50 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.35-30.50 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_53-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_16-10-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND ucode-intel-20180807-13.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND clamav-0.99.2-32 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • qemu-2.9.1-6.44 is installed
  • OR qemu-block-curl-2.9.1-6.44 is installed
  • OR qemu-block-iscsi-2.9.1-6.44 is installed
  • OR qemu-block-rbd-2.9.1-6.44 is installed
  • OR qemu-block-ssh-2.9.1-6.44 is installed
  • OR qemu-guest-agent-2.9.1-6.44 is installed
  • OR qemu-ipxe-1.0.0+-6.44 is installed
  • OR qemu-kvm-2.9.1-6.44 is installed
  • OR qemu-lang-2.9.1-6.44 is installed
  • OR qemu-seabios-1.10.2-6.44 is installed
  • OR qemu-sgabios-8-6.44 is installed
  • OR qemu-tools-2.9.1-6.44 is installed
  • OR qemu-vgabios-1.10.2-6.44 is installed
  • OR qemu-x86-2.9.1-6.44 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_57-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_18-8-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_72-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_22-5-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libecpg6-13.1-3.3.1 is installed
  • OR libpq5-13.1-3.3.1 is installed
  • OR libpq5-32bit-13.1-3.3.1 is installed
  • OR postgresql-13-4.7.1 is installed
  • OR postgresql-contrib-13-4.7.1 is installed
  • OR postgresql-docs-13-4.7.1 is installed
  • OR postgresql-plperl-13-4.7.1 is installed
  • OR postgresql-plpython-13-4.7.1 is installed
  • OR postgresql-pltcl-13-4.7.1 is installed
  • OR postgresql-server-13-4.7.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND SuSEfirewall2-3.6.312.333-3.13 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • mariadb-10.2.22-4.11 is installed
  • OR mariadb-client-10.2.22-4.11 is installed
  • OR mariadb-errormessages-10.2.22-4.11 is installed
  • OR mariadb-galera-10.2.22-4.11 is installed
  • OR mariadb-tools-10.2.22-4.11 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • xen-4.9.4_06-3.59 is installed
  • OR xen-doc-html-4.9.4_06-3.59 is installed
  • OR xen-libs-4.9.4_06-3.59 is installed
  • OR xen-libs-32bit-4.9.4_06-3.59 is installed
  • OR xen-tools-4.9.4_06-3.59 is installed
  • OR xen-tools-domU-4.9.4_06-3.59 is installed
  • BACK