Oval Definition:	oval:org.opensuse.security:def:60191
Revision Date: 2020-12-01 Version: 1 Title: Security update for postgresql10 (Important) Description: This update for postgresql10 fixes the following issues: Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/10/release-10-15.html Update to 10.14: * CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. * https://www.postgresql.org/docs/10/release-10-14.html Family: unix Class: patch Status: Reference(s): 1043290 1050087 1052916 1056434 1057389 1058630 1059735 1060382 1066168 1066170 1077559 1077568 1077572 1082283 1082291 1082348 1082362 1082792 1082837 1083628 1083634 1086011 1086036 1100097 1141322 1148987 1158527 1159819 1159913 1162610 1164692 1165631 1166844 1175193 1175194 1178666 1178667 1178668 CVE-2006-2607 CVE-2009-1720 CVE-2009-1721 CVE-2010-0424 CVE-2012-3466 CVE-2013-6418 CVE-2016-2851 CVE-2017-1000251 CVE-2017-11524 CVE-2017-12692 CVE-2017-12693 CVE-2017-13768 CVE-2017-14314 CVE-2017-14505 CVE-2017-14739 CVE-2017-15016 CVE-2017-15017 CVE-2017-16352 CVE-2017-16353 CVE-2017-18209 CVE-2017-18211 CVE-2017-2885 CVE-2017-9500 CVE-2018-12910 CVE-2018-6196 CVE-2018-6197 CVE-2018-6198 CVE-2018-7443 CVE-2018-7470 CVE-2018-8804 CVE-2019-11745 CVE-2019-13627 CVE-2019-17006 CVE-2019-5108 CVE-2020-10531 CVE-2020-14349 CVE-2020-14350 CVE-2020-1749 CVE-2020-1938 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-8597 SUSE-SU-2017:2523-1 SUSE-SU-2018:0857-1 SUSE-SU-2018:2204-1 SUSE-SU-2019:0776-1 SUSE-SU-2019:2510-1 SUSE-SU-2020:0088-1 SUSE-SU-2020:0490-1 SUSE-SU-2020:1180-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information python-paramiko-doc-2.4.2-lp150.2.3 is installed OR python2-paramiko-2.4.2-lp150.2.3 is installed OR python3-paramiko-2.4.2-lp150.2.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND teeworlds-0.7.3.1-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information postgresql10-10.15-4.9 is installed OR postgresql10-contrib-10.15-4.9 is installed OR postgresql10-docs-10.15-4.9 is installed OR postgresql10-plperl-10.15-4.9 is installed OR postgresql10-plpython-10.15-4.9 is installed OR postgresql10-pltcl-10.15-4.9 is installed OR postgresql10-server-10.15-4.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ppp-2.4.7-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND shadow-4.2.1-27.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information coreutils-8.25-13.7 is installed OR coreutils-lang-8.25-13.7 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libgcrypt-1.6.1-16.68 is installed OR libgcrypt20-1.6.1-16.68 is installed OR libgcrypt20-32bit-1.6.1-16.68 is installed OR libgcrypt20-hmac-1.6.1-16.68 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information icu-52.1-8.10 is installed OR libicu-doc-52.1-8.10 is installed OR libicu52_1-52.1-8.10 is installed OR libicu52_1-32bit-52.1-8.10 is installed OR libicu52_1-data-52.1-8.10 is installed
BACK