Oval Definition:	oval:org.opensuse.security:def:60799
Revision Date: 2020-12-01 Version: 1 Title: Security update for postgresql10 (Important) Description: This update for postgresql10 fixes the following issues: Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/10/release-10-15.html Update to 10.14: * CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. * https://www.postgresql.org/docs/10/release-10-14.html Family: unix Class: patch Status: Reference(s): 1005778 1005780 1005781 1012382 1019695 1019696 1022604 1027282 1040621 1041090 1042670 1051684 1051685 1053043 1053259 1063638 1065600 1066223 1073269 1073748 1078326 1078485 1081750 1084650 1085535 1085539 1086001 1086598 1090888 1099658 1100132 1100365 1105435 1106110 1106284 1106929 1108293 1108838 1110785 1110946 1112063 1112178 1116803 1117562 1119086 1120642 1120843 1120885 1120902 1122776 1125580 1126040 1126356 1128052 1129138 1129770 1130972 1131107 1131488 1131543 1131565 1132212 1132256 1132374 1132472 1133188 1133874 1134160 1134162 1134338 1134537 1134564 1134565 1134566 1134651 1134760 1134806 1134813 1134848 1135013 1135014 1135015 1135100 1135120 1135170 1135281 1135603 1135642 1135661 1135878 1136424 1136438 1136446 1136448 1136449 1136451 1136452 1136455 1136458 1136539 1136573 1136575 1136586 1136590 1136623 1136810 1136935 1136990 1137142 1137162 1137586 1137739 1137752 1139073 1141035 1149332 1149792 1153830 1154212 1155094 1155988 1158442 1159035 1160968 1162224 1162367 1162825 1162972 1165643 1165784 1165894 1168930 1169605 1169786 1169936 1170302 1170411 1170741 1170939 1171561 1171878 1172085 1174157 1175193 1175194 1176013 1178666 1178667 1178668 843419 945401 CVE-2013-4343 CVE-2017-6891 CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 CVE-2018-1000654 CVE-2018-14348 CVE-2018-17972 CVE-2018-3741 CVE-2018-7191 CVE-2019-11070 CVE-2019-11135 CVE-2019-11139 CVE-2019-11190 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11486 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-18348 CVE-2019-2933 CVE-2019-2945 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2019-3846 CVE-2019-5436 CVE-2019-5489 CVE-2019-6201 CVE-2019-6251 CVE-2019-7285 CVE-2019-7292 CVE-2019-8503 CVE-2019-8506 CVE-2019-8515 CVE-2019-8524 CVE-2019-8535 CVE-2019-8536 CVE-2019-8544 CVE-2019-8551 CVE-2019-8558 CVE-2019-8559 CVE-2019-8563 CVE-2019-9674 CVE-2020-10029 CVE-2020-11008 CVE-2020-14349 CVE-2020-14350 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-2583 CVE-2020-2593 CVE-2020-2604 CVE-2020-2659 CVE-2020-5260 CVE-2020-8492 CVE-2020-9543 SUSE-SU-2017:2356-1 SUSE-SU-2018:2143-1 SUSE-SU-2019:1527-1 SUSE-SU-2019:2182-1 SUSE-SU-2019:2988-1 SUSE-SU-2020:0456-1 SUSE-SU-2020:0660-1 SUSE-SU-2020:1295-1 SUSE-SU-2020:1524-1 SUSE-SU-2020:2861-1 SUSE-SU-2020:3024-1 SUSE-SU-2020:3464-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information gvim-8.0.1568-lp151.5.3 is installed OR vim-8.0.1568-lp151.5.3 is installed OR vim-data-8.0.1568-lp151.5.3 is installed OR vim-data-common-8.0.1568-lp151.5.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information chromedriver-84.0.4147.135-lp152.2.17 is installed OR chromium-84.0.4147.135-lp152.2.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libecpg6-9.6.4-3.6 is installed OR libpq5-9.6.4-3.6 is installed OR libpq5-32bit-9.6.4-3.6 is installed OR postgresql96-9.6.4-3.6 is installed OR postgresql96-contrib-9.6.4-3.6 is installed OR postgresql96-docs-9.6.4-3.6 is installed OR postgresql96-libs-9.6.4-3.6 is installed OR postgresql96-server-9.6.4-3.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glibc-2.22-113 is installed OR glibc-32bit-2.22-113 is installed OR glibc-devel-2.22-113 is installed OR glibc-devel-32bit-2.22-113 is installed OR glibc-html-2.22-113 is installed OR glibc-i18ndata-2.22-113 is installed OR glibc-info-2.22-113 is installed OR glibc-locale-2.22-113 is installed OR glibc-locale-32bit-2.22-113 is installed OR glibc-profile-2.22-113 is installed OR glibc-profile-32bit-2.22-113 is installed OR nscd-2.22-113 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.55-38.44 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpython2_7-1_0-2.7.17-28.42 is installed OR libpython2_7-1_0-32bit-2.7.17-28.42 is installed OR python-2.7.17-28.42 is installed OR python-32bit-2.7.17-28.42 is installed OR python-base-2.7.17-28.42 is installed OR python-base-32bit-2.7.17-28.42 is installed OR python-curses-2.7.17-28.42 is installed OR python-demo-2.7.17-28.42 is installed OR python-devel-2.7.17-28.42 is installed OR python-doc-2.7.17-28.42 is installed OR python-doc-pdf-2.7.17-28.42 is installed OR python-gdbm-2.7.17-28.42 is installed OR python-idle-2.7.17-28.42 is installed OR python-rpm-macros-20200207.5feb6c1-3.19 is installed OR python-tk-2.7.17-28.42 is installed OR python-xml-2.7.17-28.42 is installed OR shared-python-startup-0.1-1.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.1-2.41 is installed OR libwebkit2gtk-4_0-37-2.24.1-2.41 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.1-2.41 is installed OR typelib-1_0-WebKit2-4_0-2.24.1-2.41 is installed OR webkit2gtk-4_0-injected-bundles-2.24.1-2.41 is installed OR webkit2gtk3-2.24.1-2.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND kdump-0.8.16-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information ghostscript-9.52-23.39 is installed OR ghostscript-x11-9.52-23.39 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information postgresql10-10.15-4.9 is installed OR postgresql10-contrib-10.15-4.9 is installed OR postgresql10-docs-10.15-4.9 is installed OR postgresql10-plperl-10.15-4.9 is installed OR postgresql10-plpython-10.15-4.9 is installed OR postgresql10-pltcl-10.15-4.9 is installed OR postgresql10-server-10.15-4.9 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information grub2-2.02-12.31 is installed OR grub2-i386-pc-2.02-12.31 is installed OR grub2-snapper-plugin-2.02-12.31 is installed OR grub2-systemd-sleep-plugin-2.02-12.31 is installed OR grub2-x86_64-efi-2.02-12.31 is installed OR grub2-x86_64-xen-2.02-12.31 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
BACK