Oval Definition:	oval:org.opensuse.security:def:64505
Revision Date: 2021-01-20 Version: 1 Title: Security update for postgresql, postgresql13 (Moderate) Description: This update for postgresql, postgresql13 fixes the following issues: This update ships postgresql13. Upgrade to version 13.1: CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * Fix recently-added timetz test case so it works when the USA is not observing daylight savings time. (obsoletes postgresql-timetz.patch) * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/13/release-13-1.html Initial packaging of PostgreSQL 13: https://www.postgresql.org/about/news/2077/ * https://www.postgresql.org/docs/13/release-13.html - bsc#1178961: %ghost the symlinks to pg_config and ecpg. Changes in postgresql wrapper package: - Bump major version to 13. - We also transfer PostgreSQL 9.4.26 to the new package layout in SLE12-SP2 and newer. Reflect this in the conflict with postgresql94. - Also conflict with PostgreSQL versions before 9. - Conflicting with older versions is not limited to SLE. Family: unix Class: patch Status: Reference(s): 1160878 1160883 1160895 1160912 1161252 1162388 1171186 1173274 1174321 1176262 1178666 1178667 1178668 1178961 CVE-2016-5104 CVE-2018-10856 CVE-2019-18901 CVE-2019-20916 CVE-2020-12387 CVE-2020-12388 CVE-2020-12389 CVE-2020-12392 CVE-2020-12393 CVE-2020-12395 CVE-2020-14422 CVE-2020-15103 CVE-2020-15999 CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-16003 CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16007 CVE-2020-16008 CVE-2020-16009 CVE-2020-16011 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2020-2574 CVE-2020-6378 CVE-2020-6379 CVE-2020-6380 CVE-2020-6831 openSUSE-SU-2020:0093-1 openSUSE-SU-2020:0289-1 openSUSE-SU-2020:0621-1 openSUSE-SU-2020:0931-1 openSUSE-SU-2020:1332-1 openSUSE-SU-2020:1598-1 SUSE-SU-2021:0175-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree openSUSE Leap 15.2 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information freerdp-2.1.2-lp151.5.9 is installed OR freerdp-devel-2.1.2-lp151.5.9 is installed OR freerdp-proxy-2.1.2-lp151.5.9 is installed OR freerdp-server-2.1.2-lp151.5.9 is installed OR freerdp-wayland-2.1.2-lp151.5.9 is installed OR libfreerdp2-2.1.2-lp151.5.9 is installed OR libuwac0-0-2.1.2-lp151.5.9 is installed OR libwinpr2-2.1.2-lp151.5.9 is installed OR uwac0-0-devel-2.1.2-lp151.5.9 is installed OR winpr2-devel-2.1.2-lp151.5.9 is installed Definition Synopsis openSUSE Leap 15.1 NonFree is installed AND opera-72.0.3815.320-lp152.2.21 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information python-pip-10.0.1-lp152.4.3 is installed OR python2-pip-10.0.1-lp152.4.3 is installed OR python3-pip-10.0.1-lp152.4.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed AND Package Information libpq5-13.1-5.3.15 is installed OR libpq5-32bit-13.1-5.3.15 is installed OR postgresql-13-4.6.7 is installed OR postgresql13-13.1-5.3.15 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 15 SP1 is installed AND Package Information podman-1.0.1-2 is installed OR podman-cni-config-1.0.1-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libusbmuxd-devel-1.0.10-3 is installed OR libusbmuxd4-1.0.10-3 is installed
BACK