161 matches found
SUSE-SU-2017:3391-1 Security update for postgresql96
This update for postgresql96 fixes the following issues: Security issues fixed: - CVE-2017-15098: Fix crash due to rowtype mismatch in jsonbpopulaterecordset bsc1067844. - CVE-2017-15099: Ensure that INSERT ... ON CONFLICT DO UPDATE checks table permissions and RLS policies in all cases bsc106784...
openSUSE Security Update : postgresql93 (openSUSE-2016-1140)
The postgresql server postgresql93 was updated to 9.3.14 fixes the following issues : Update to version 9.3.14 : - Fix possible mis-evaluation of nested CASE-WHEN expressions CVE-2016-5423, boo993454 - Fix client programs' handling of special characters in database and role names CVE-2016-5424,...
MGASA-2016-0136 Updated postgresql packages fix security vulnerabilities
Updated postgresql packages fix security vulnerabilities: A vulnerability in PostgreSQL 9.3.x before 9.3.12 and 9.4.x before 9.4.7 leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed und...
MGASA-2016-0085 Updated postgresql packages fix security vulnerabilities
Updated postgresql packages fix security vulnerabilities: PostgreSQL 9.3.x before 9.3.11 and 9.4.x before 9.4.6 does not properly restrict access to unspecified custom configuration settings GUCS for PL/Java, which allows attackers to gain privileges via unspecified vectors CVE-2016-0766...
SUSE-SU-2016:0539-1 Security update for postgresql93
This update for postgresql93 fixes the following issues: - Security and bugfix release 9.3.11: Fix infinite loops and buffer-overrun problems in regular expressions CVE-2016-0773, bsc966436. Fix regular-expression compiler to handle loops of constraint arcs CVE-2007-4772. Prevent certain PL/Java...
SUSE-SU-2016:0482-1 Security update for postgresql94
This update of postgresql94 to 9.4.5 fixes the following issues: CVE-2015-5289: json or jsonb input values constructed from arbitrary user input could have crashed the PostgreSQL server and caused a denial of service bsc949670 CVE-2015-5288: crypt pgCrypto extension couldi potentially be exploite...
SUSE-SU-2016:0389-1 Security update for postgresql91
This update of postgresql91 to 9.1.19 fixes the following issues: CVE-2015-5288: crypt pgCrypto extension couldi potentially be exploited to read a few additional bytes of memory bsc949669 Also contains all changes and bugfixes in the upstream 9.1.19 release:...
SUSE-SU-2015:1264-1 Security update for postgresql93
PostgreSQL was updated to the security and bugfix release 9.3.8 including 9.3.7. Security issues fixed: CVE-2015-3165, bsc931972: Avoid possible crash when client disconnects just before the authentication timeout expires. CVE-2015-3166, bsc931973: Consistently check for failure of the printf...
SUSE-SU-2015:0478-1 Security update for postgresql93
postgresql93 was updated to version 9.3.6 to fix four security issues. These security issues were fixed: - CVE-2015-0241: Fix buffer overruns in tochar bnc916953. - CVE-2015-0243: Fix buffer overruns in contrib/pgcrypto bnc916953. - CVE-2015-0244: Fix possible loss of frontend/backend protocol...
openSUSE Security Update : postgresql (openSUSE-SU-2012:0480-1)
Security and bugfix release 9.1.3 : - Require execute permission on the trigger function for 'CREATE TRIGGER' CVE-2012-0866, bnc749299. - Remove arbitrary limitation on length of common name in SSL certificates CVE-2012-0867, bnc749301. - Convert newlines to spaces in names written in pgdump...
BSA-005 Security Update for postgresql-8.4
Gerfried Fuchs uploaded new packages for postgresql-8.4 which fixed the following security problem: CVE-2010-3433 The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before...
[Backports-security-announce] Security Update for postgresql-8.4
Gerfried Fuchs uploaded new packages for postgresql-8.4 which fixed the following security problems: CVE-2010-1169 PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict...
SLES10: Security update for PostgreSQL
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-libs postgresql-pl postgresql-server More details may also be found by searching fo...
Fedora Core 5 : postgresql-8.1.4-1.FC5.1 (2006-578)
Mon May 22 2006 Tom Lane 8.1.4-1.FC5.1 - Update to PostgreSQL 8.1.4 includes fixes for CVE-2006-2313, CVE-2006-2314; see bug 192173 - Update to PyGreSQL 3.8 - Update to jdbc driver build 406 - Suppress noise from chcon, per bug 187744 Note that Tenable Network Security has extracted the preceding...
Important: Red Hat Security Advisory: postgresql security update
Updated PostgreSQL packages to fix various security flaws are now available for Red Hat Enterprise Linux 2.1AS. This update has been rated as having important security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system DBMS. A flaw...
RHEL 2.1 : postgresql (RHSA-2005:150)
Updated PostgreSQL packages to fix various security flaws are now available for Red Hat Enterprise Linux 2.1AS. This update has been rated as having important security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system DBMS. A flaw...
Important: Red Hat Security Advisory: postgresql security update
Updated postresql packages that correct various security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. A flaw in the LOAD command in PostgreSQL was discovered. A local user could use...
RHEL 3 : rh-postgresql (RHSA-2005:141)
Updated PostgreSQL packages to fix various security flaws are now available for Red Hat Enterprise Linux 3. PostgreSQL is an advanced Object-Relational database management system DBMS. A flaw in the LOAD command in PostgreSQL was discovered. A local user could use this flaw to load arbitrary shar...
[SECURITY] [DSA 667-1] New PostgreSQL packages fix arbitrary library loading
-------------------------------------------------------------------------- Debian Security Advisory DSA 667-1 [email protected] http://www.debian.org/security/ Martin Schulze February 4th, 2005 http://www.debian.org/security/faq -...
Low: Red Hat Security Advisory: rh-postgresql security update
Updated rh-postgresql packages that fix various bugs are now available. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects, and user-defined types and functions. Trustix has identified improper...