Oval Definition:oval:org.opensuse.security:def:60191
Revision Date:2020-12-01Version:1
Title:Security update for postgresql10 (Important)
Description:

This update for postgresql10 fixes the following issues:

Upgrade to version 10.15:

* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/10/release-10-15.html

Update to 10.14:

* CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. * https://www.postgresql.org/docs/10/release-10-14.html

Family:unixClass:patch
Status:Reference(s):1043290
1050087
1052916
1056434
1057389
1058630
1059735
1060382
1066168
1066170
1077559
1077568
1077572
1082283
1082291
1082348
1082362
1082792
1082837
1083628
1083634
1086011
1086036
1100097
1141322
1148987
1158527
1159819
1159913
1162610
1164692
1165631
1166844
1175193
1175194
1178666
1178667
1178668
CVE-2006-2607
CVE-2009-1720
CVE-2009-1721
CVE-2010-0424
CVE-2012-3466
CVE-2013-6418
CVE-2016-2851
CVE-2017-1000251
CVE-2017-11524
CVE-2017-12692
CVE-2017-12693
CVE-2017-13768
CVE-2017-14314
CVE-2017-14505
CVE-2017-14739
CVE-2017-15016
CVE-2017-15017
CVE-2017-16352
CVE-2017-16353
CVE-2017-18209
CVE-2017-18211
CVE-2017-2885
CVE-2017-9500
CVE-2018-12910
CVE-2018-6196
CVE-2018-6197
CVE-2018-6198
CVE-2018-7443
CVE-2018-7470
CVE-2018-8804
CVE-2019-11745
CVE-2019-13627
CVE-2019-17006
CVE-2019-5108
CVE-2020-10531
CVE-2020-14349
CVE-2020-14350
CVE-2020-1749
CVE-2020-1938
CVE-2020-25694
CVE-2020-25695
CVE-2020-25696
CVE-2020-8597
SUSE-SU-2017:2523-1
SUSE-SU-2018:0857-1
SUSE-SU-2018:2204-1
SUSE-SU-2019:0776-1
SUSE-SU-2019:2510-1
SUSE-SU-2020:0088-1
SUSE-SU-2020:0490-1
SUSE-SU-2020:1180-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • python-paramiko-doc-2.4.2-lp150.2.3 is installed
  • OR python2-paramiko-2.4.2-lp150.2.3 is installed
  • OR python3-paramiko-2.4.2-lp150.2.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND teeworlds-0.7.3.1-lp151.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • postgresql10-10.15-4.9 is installed
  • OR postgresql10-contrib-10.15-4.9 is installed
  • OR postgresql10-docs-10.15-4.9 is installed
  • OR postgresql10-plperl-10.15-4.9 is installed
  • OR postgresql10-plpython-10.15-4.9 is installed
  • OR postgresql10-pltcl-10.15-4.9 is installed
  • OR postgresql10-server-10.15-4.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cron-4.2-58 is installed
  • OR cronie-1.4.11-58 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_72-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND ppp-2.4.7-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND shadow-4.2.1-27.19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • coreutils-8.25-13.7 is installed
  • OR coreutils-lang-8.25-13.7 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.68 is installed
  • OR libgcrypt20-1.6.1-16.68 is installed
  • OR libgcrypt20-32bit-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.31 is installed
  • OR libvncclient0-0.9.9-17.31 is installed
  • OR libvncserver0-0.9.9-17.31 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • icu-52.1-8.10 is installed
  • OR libicu-doc-52.1-8.10 is installed
  • OR libicu52_1-52.1-8.10 is installed
  • OR libicu52_1-32bit-52.1-8.10 is installed
  • OR libicu52_1-data-52.1-8.10 is installed
  • BACK