SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2019:1687-1)

This update for postgresql96 fixes the following issues : Security issue fixed : CVE-2019-10130: Prevent row-level security policies from being bypassed via selectivity estimators bsc1134689. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...

Amazon Linux AMI : postgresql96 (ALAS-2018-1119)

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side...

openSUSE Security Update : postgresql96 (openSUSE-2018-1278)

This update for postgresql96 to 9.6.10 fixes the following issues : These security issues were fixed : - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted...

openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2018:3449-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for postgresql96 (important)

This update for postgresql96 to 9.6.10 fixes the following issues: These security issues were fixed: - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted...

SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:3377-1)

This update for postgresql96 to 9.6.10 fixes the following issues : These security issues were fixed : CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with 'host' or 'hostaddr' connection parameters from untrusted...

Amazon Linux AMI : postgresql96 (ALAS-2018-1074)

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with 'host' or 'hostaddr' connection parameters from untrusted input, attackers could bypass client-side...

Important: postgresql96

Issue Overview: A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with "host" or "hostaddr" connection parameters from untrusted input, attackers could...

openSUSE Security Update : postgresql96 (openSUSE-2018-638)

PostgreSQL was updated to 9.6.9 fixing bugs and security issues : Release notes : - https://www.postgresql.org/about/news/1851/ - https://www.postgresql.org/docs/current/static/release-9-6-9.html A dump/restore is not required for those running 9.6.X. However, if you use the adminpack extension,...

openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2018:1709-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:1695-1)

PostgreSQL was updated to 9.6.9 fixing bugs and security issues: Release notes : - https://www.postgresql.org/about/news/1851/ - https://www.postgresql.org/docs/current/static/release-9-6-9.html A dump/restore is not required for those running 9.6.X. However, if you use the adminpack extension, y...

Amazon Linux AMI : postgresql93 / postgresql94,postgresql95,postgresql96 (ALAS-2018-990)

Uncontrolled search path element in pgdump and other client applications A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database...

openSUSE Security Update : postgresql96 (openSUSE-2018-287)

This update for postgresql96 fixes the following issues : Security issues fixed : - CVE-2018-1058: Fixed uncontrolled search path element in pgdump and other client applications bsc1081925. Bug fixes : - See release notes for details : - https://www.postgresql.org/docs/9.6/static/release-9-6-8.ht...

SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:0756-1)

This update for postgresql96 fixes the following issues: Security issues fixed : - CVE-2018-1058: Fixed uncontrolled search path element in pgdump and other client applications bsc1081925. Bug fixes : - See release notes for details : - https://www.postgresql.org/docs/9.6/static/release-9-6-8.htm...

openSUSE Security Update : postgresql96 (openSUSE-2018-203)

This update for postgresql96 to version 9.6.7 fixes the following issues : - CVE-2018-1053: Ensure that all temporary files made by pgupgrade are non-world-readable. bsc1077983 A full changelog is available here : https://www.postgresql.org/docs/9.6/static/release-9-6-7.html This update was...

SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2018:0507-1)

This update for postgresql96 to version 9.6.7 fixes the following issues : - CVE-2018-1053: Ensure that all temporary files made by pgupgrade are non-world-readable. bsc1077983 A full changelog is available here: https://www.postgresql.org/docs/9.6/static/release-9 -6-7.html Note that Tenable...

SUSE SLED12 / SLES12 Security Update : postgresql96 (SUSE-SU-2017:3391-1)

This update for postgresql96 fixes the following issues: Security issues fixed : - CVE-2017-15098: Fix crash due to rowtype mismatch in jsonbpopulaterecordset bsc1067844. - CVE-2017-15099: Ensure that INSERT ... ON CONFLICT DO UPDATE checks table permissions and RLS policies in all cases...

Amazon Linux AMI : postgresql96 (ALAS-2017-908)

The pgusermappings view discloses passwords to users lacking server privileges : An authorization flaw was found in the way PostgreSQL handled access to the pgusermappings view on foreign servers. A remote authenticated attacker could potentially use this flaw to retrieve passwords from the user...

openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2017:2391-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for postgresql96 (important)

This update for postgresql96 fixes the following issues: CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684...