262 matches found
SUSE-SU-2021:1785-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: - Upgrade to version 13.3: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations bsc1185924. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists bsc1185925. -...
OPENSUSE-SU-2021:0337-1 Security update for postgresql, postgresql13
This update for postgresql, postgresql13 fixes the following issues: This update ships postgresql13. Upgrade to version 13.1: CVE-2020-25695, bsc1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. CVE-2020-25694,...
SUSE-SU-2021:0543-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to version 13.2: Updating stored views and reindexing might be needed after applying this update. CVE-2021-3393, bsc1182040: Fix information leakage in constraint-violation error messages. CVE-2021-20229, bsc1182039: Fix failure to...
SUSE-SU-2021:0217-1 Security update for postgresql, postgresql12, postgresql13
This update for postgresql, postgresql12, postgresql13 fixes the following issues: Initial packaging of PostgreSQL 13: https://www.postgresql.org/about/news/2077/ https://www.postgresql.org/docs/13/release-13.html Changes in postgresql: - Bump postgresql major version to 13. Changes in...
Important: Red Hat Security Advisory: postgresql:10 security update
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
Important: Red Hat Security Advisory: postgresql:10 security update
An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
ALSA-2020:5620 Important: postgresql:12 security update
PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version: postgresql 12.5. Security Fixes: postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features...
Important: Red Hat Security Advisory: rh-postgresql10-postgresql security update
An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
OPENSUSE-SU-2020:2029-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - Upgrade to version 12.5: CVE-2020-25695, bsc1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. CVE-2020-25694, bsc1178667: a Fix usage of complex...
SUSE-SU-2020:3477-1 Security update for postgresql96
This update for postgresql96 fixes the following issues: Upgrade to version 9.6.20: CVE-2020-25695, bsc1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. CVE-2020-25694, bsc1178667: a Fix usage of complex...
SUSE-SU-2020:3425-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - Upgrade to version 12.5: CVE-2020-25695, bsc1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. CVE-2020-25694, bsc1178667: a Fix usage of complex...
USN-4633-1 postgresql-10, postgresql-12, postgresql-9.5 vulnerabilities
Peter Eisentraut discovered that PostgreSQL incorrectly handled connection security settings. Client applications could possibly be connecting with certain security parameters dropped, contrary to expectations. CVE-2020-25694 Etienne Stalmans discovered that PostgreSQL incorrectly handled the...
MGASA-2020-0365 Updated postgresql packages fix security vulnerabilities
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the searchpath during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the...
SUSE-SU-2020:2271-1 Security update for postgresql12
This update for postgresql12 fixes the following issues: - update to 12.4: CVE-2020-14349, bsc1175193: Set a secure searchpath in logical replication walsenders and apply workers CVE-2020-14350, bsc1175194: Make contrib modules' installation scripts more secure...
OPENSUSE-SU-2020:1228-1 Security update for postgresql, postgresql96, postgresql10, postgresql12
This update for postgresql, postgresql96, postgresql10, postgresql12 fixes the following issues: Postgresql12 was updated to 12.3 bsc1171924. - https://www.postgresql.org/about/news/2038/ - https://www.postgresql.org/docs/12/release-12-3.html - Let postgresqlXX conflict with postgresql-noarch...
OPENSUSE-SU-2020:1227-1 Security update for postgresql96, postgresql10 and postgresql12
This update for postgresql96, postgresql10 and postgresql12 fixes the following issues: postgresql10 was updated to 10.13 bsc1171924. https://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/10/release-10-13.html postgresql10 was updated to 10.12 CVE-2020-1720, bsc1163985 -...
postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML
A flaw was found in PostgreSQL JDBC in versions prior to 42.2.13. An XML External Entity XXE weakness was found in PostgreSQL JDBC. The highest threat from this vulnerability is to data confidentiality and system availability...
SUSE-SU-2020:0715-1 Security update for postgresql10
This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension bsc1163985...
OPENSUSE-SU-2020:0331-1 Security update for postgresql10
This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension bsc1163985. This update was imported from the SUSE:SLE-15:Update update project...
Updated postgresql packages fix security vulnerability
Updated postgresql9.6 and postgresql11 packages fix security vulnerability: The ALTER ... DEPENDS ON EXTENSION sub-commands do not perform authorization checks, which can allow an unprivileged user to drop any function, procedure, materialized view, index, or trigger under certain conditions. Thi...