262 matches found
OESA-2022-2104 libpq security update
PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...
SUSE-SU-2022:3269-1 Security update for postgresql14
This update for postgresql14 fixes the following issues: - Upgrade to version 14.5: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension bsc1202368. - Upgrade to version 14.4 bsc1200437 - Release notes:...
Important: postgresql
Issue Overview: A flaw was found in postgresql. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as...
SUSE-SU-2022:2958-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - Upgrade to 12.12: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension bsc1202368. - Upgrade to 12.11: - CVE-2022-1552: Confined additional operations within 'security restricted...
SUSE-SU-2022:2914-1 Security update for postgresql10
This update for postgresql10 fixes the following issues: - Upgrade to 10.22: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension bsc1202368...
Important: Red Hat Security Advisory: postgresql:10 security update
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
RLSA-2022:4855 Important: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.7. Security Fixes: postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox CVE-2022-1552 For more...
Mageia: Security Advisory (MGASA-2021-0121)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ALSA-2021:5235 Moderate: postgresql:12 security update
PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.9. Security Fixes: postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from...
SUSE-SU-2021:3267-1 Security update for rubygem-activerecord-4_2
This update for rubygem-activerecord-42 fixes the following issues: - CVE-2021-22880: Fixed possible DoS vector in PostgreSQL money type bsc1182169...
SUSE-SU-2021:3255-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries bsc1189748. - Fixed build with llvm12 on s390x bsc1185952. - Re-enabled icu for PostgreSQL 10 bsc1179945. - Made the dependency of postgresqlXX-server-devel on llvm and clang...
SUSE-SU-2021:3119-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries bsc1189748. - Fixed build with llvm12 on s390x bsc1185952. - Re-enabled icu for PostgreSQL 10 bsc1179945. - Made the dependency of postgresqlXX-server-devel on llvm and clang...
Important: postgresql92
Issue Overview: A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. CVE-2019-10208 A flaw was found in postgresq...
OPENSUSE-SU-2021:1970-1 Security update for postgresql10
This update for postgresql10 fixes the following issues: - Upgrade to version 10.17: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations bsc1185924. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists bsc1185925. - Don't u...
OPENSUSE-SU-2021:1994-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: Upgrade to version 12.7: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations bsc1185924. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists bsc1185925. -...
SUSE-SU-2021:1994-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: Upgrade to version 12.7: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations bsc1185924. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists bsc1185925. -...
Important: Red Hat Security Advisory: postgresql:13 security update
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RLSA-2021:2375 Important: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.3. Security Fixes: postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memor...
ALSA-2021:2375 Important: postgresql:13 security update
PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 13.3. Security Fixes: postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memor...
RLSA-2021:2361 Important: postgresql:10 security update
PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 10.17. Security Fixes: postgresql: Buffer overrun from integer overflow in array subscripting calculations CVE-2021-32027 postgresql: Memo...