Oval Definition:	oval:org.opensuse.security:def:59441
Revision Date: 2020-12-04 Version: 1 Title: Security update for postgresql12 (Important) Description: This update for postgresql12 fixes the following issues: Upgrade to version 12.5: CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * Fix recently-added timetz test case so it works when the USA is not observing daylight savings time. (obsoletes postgresql-timetz.patch) * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/12/release-12-5.html The previous postgresql12 update already addressed: Update to 12.4: CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. https://www.postgresql.org/docs/12/release-12-4.html Family: unix Class: patch Status: Reference(s): 1002573 1008325 1026236 1027519 1035231 1038984 1045735 1046637 1047785 1049485 1049488 1049489 1049490 1049491 1049578 1051787 1051788 1051789 1052686 1054088 1054671 1055695 1055920 1087082 1087083 1091236 1096141 1100147 1104076 1106383 1106989 1106996 1107609 1111056 1120381 1122033 1124365 1124366 1124368 1128471 1128472 1128474 1128476 1128480 1128481 1128490 1128492 1128493 1128649 1130330 1131317 1132053 1132054 1132060 1133495 1135824 1139083 1139459 1144524 1144902 1151377 1151506 1154043 1155574 1156482 1158328 1159814 1162108 1166847 1168422 1175193 1175194 1178666 1178667 1178668 CVE-2009-0159 CVE-2009-1252 CVE-2013-0157 CVE-2013-5211 CVE-2014-9114 CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 CVE-2014-9297 CVE-2014-9298 CVE-2015-1798 CVE-2015-1799 CVE-2015-3405 CVE-2015-5218 CVE-2015-5219 CVE-2015-5300 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7705 CVE-2015-7848 CVE-2015-7849 CVE-2015-7850 CVE-2015-7851 CVE-2015-7852 CVE-2015-7853 CVE-2015-7854 CVE-2015-7855 CVE-2015-7871 CVE-2015-7973 CVE-2015-7974 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8139 CVE-2015-8140 CVE-2015-8158 CVE-2016-1547 CVE-2016-1548 CVE-2016-1549 CVE-2016-1550 CVE-2016-1551 CVE-2016-2516 CVE-2016-2517 CVE-2016-2518 CVE-2016-2519 CVE-2016-4953 CVE-2016-4954 CVE-2016-4955 CVE-2016-4956 CVE-2016-4957 CVE-2016-5011 CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-9042 CVE-2016-9310 CVE-2016-9311 CVE-2017-10664 CVE-2017-11434 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855 CVE-2017-2616 CVE-2017-6451 CVE-2017-6458 CVE-2017-6460 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2017-7436 CVE-2018-12472 CVE-2018-16412 CVE-2018-16413 CVE-2018-16644 CVE-2018-20467 CVE-2018-3639 CVE-2018-3640 CVE-2019-10218 CVE-2019-10650 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11694 CVE-2019-11698 CVE-2019-11745 CVE-2019-12900 CVE-2019-13456 CVE-2019-13722 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-17185 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 CVE-2019-7175 CVE-2019-7317 CVE-2019-7395 CVE-2019-7397 CVE-2019-7398 CVE-2019-9800 CVE-2019-9815 CVE-2019-9816 CVE-2019-9817 CVE-2019-9818 CVE-2019-9819 CVE-2019-9820 CVE-2019-9956 CVE-2020-14349 CVE-2020-14350 CVE-2020-1712 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-3898 SUSE-SU-2017:2109-1 SUSE-SU-2017:2327-2 SUSE-SU-2017:2344-1 SUSE-SU-2018:3467-1 SUSE-SU-2019:0655-1 SUSE-SU-2019:1033-1 SUSE-SU-2019:2013-1 SUSE-SU-2019:2875-1 SUSE-SU-2019:3347-1 SUSE-SU-2020:1045-1 SUSE-SU-2020:2391-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gstreamer-plugins-ugly-1.12.5-lp150.1 is installed OR gstreamer-plugins-ugly-lang-1.12.5-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND transfig-3.2.6a-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information res-signingkeys-3.0.38-52.26 is installed OR smt-3.0.38-52.26 is installed OR smt-support-3.0.38-52.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180703-13.25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libblkid1-2.29.2-2 is installed OR libblkid1-32bit-2.29.2-2 is installed OR libfdisk1-2.29.2-2 is installed OR libmount1-2.29.2-2 is installed OR libmount1-32bit-2.29.2-2 is installed OR libsmartcols1-2.29.2-2 is installed OR libuuid1-2.29.2-2 is installed OR libuuid1-32bit-2.29.2-2 is installed OR python-libmount-2.29.2-2 is installed OR util-linux-2.29.2-2 is installed OR util-linux-lang-2.29.2-2 is installed OR util-linux-systemd-2.29.2-2 is installed OR uuidd-2.29.2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ImageMagick-6.8.8.1-71.108 is installed OR ImageMagick-config-6-SUSE-6.8.8.1-71.108 is installed OR ImageMagick-config-6-upstream-6.8.8.1-71.108 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.108 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.108 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information fetchmail-6.3.26-12 is installed OR fetchmailconf-6.3.26-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libecpg6-12.5-3.9.3 is installed OR libpq5-12.5-3.9.3 is installed OR libpq5-32bit-12.5-3.9.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information xen-4.11.4_06-2.33 is installed OR xen-doc-html-4.11.4_06-2.33 is installed OR xen-libs-4.11.4_06-2.33 is installed OR xen-libs-32bit-4.11.4_06-2.33 is installed OR xen-tools-4.11.4_06-2.33 is installed OR xen-tools-domU-4.11.4_06-2.33 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information cups-1.7.5-20.29 is installed OR cups-client-1.7.5-20.29 is installed OR cups-libs-1.7.5-20.29 is installed OR cups-libs-32bit-1.7.5-20.29 is installed
BACK