Oval Definition:oval:org.opensuse.security:def:68510
Revision Date:2021-01-20Version:1
Title:Security update for postgresql, postgresql13 (Moderate)
Description:

This update for postgresql, postgresql13 fixes the following issues:

This update ships postgresql13.

Upgrade to version 13.1:

CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb. b) When psql's \connect command re-uses connection parameters, ensure that all non-overridden parameters from a previous connection string are re-used. * CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from modifying specially-treated variables. * Fix recently-added timetz test case so it works when the USA is not observing daylight savings time. (obsoletes postgresql-timetz.patch) * https://www.postgresql.org/about/news/2111/ * https://www.postgresql.org/docs/13/release-13-1.html

Initial packaging of PostgreSQL 13:

https://www.postgresql.org/about/news/2077/ * https://www.postgresql.org/docs/13/release-13.html

- bsc#1178961: %ghost the symlinks to pg_config and ecpg.

Changes in postgresql wrapper package:

- Bump major version to 13. - We also transfer PostgreSQL 9.4.26 to the new package layout in SLE12-SP2 and newer. Reflect this in the conflict with postgresql94. - Also conflict with PostgreSQL versions before 9. - Conflicting with older versions is not limited to SLE.
Family:unixClass:patch
Status:Reference(s):1094814
1125433
1136981
1136986
1136992
1137930
1138459
1141853
1178666
1178667
1178668
1178961
CVE-2018-20852
CVE-2019-10160
CVE-2019-12447
CVE-2019-12448
CVE-2019-12449
CVE-2019-12795
CVE-2020-25694
CVE-2020-25695
CVE-2020-25696
SUSE-SU-2019:1717-1
SUSE-SU-2019:2050-1
SUSE-SU-2021:0175-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • python3-base-3.6.8-3.23 is installed
  • OR python3-tools-3.6.8-3.23 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • gvfs-1.34.2.1-4.13 is installed
  • OR gvfs-backend-afc-1.34.2.1-4.13 is installed
  • OR gvfs-backend-samba-1.34.2.1-4.13 is installed
  • OR gvfs-backends-1.34.2.1-4.13 is installed
  • OR gvfs-devel-1.34.2.1-4.13 is installed
  • OR gvfs-fuse-1.34.2.1-4.13 is installed
  • OR gvfs-lang-1.34.2.1-4.13 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed
  • AND Package Information
  • postgresql-test-13-4.6.7 is installed
  • OR postgresql13-test-13.1-5.3.15 is installed
  • BACK