https://www.postgresql.org/docs/9.5/static/release-9-5-11.html...">Security update for postgresql95 (important) - vulnerability database | Vulners.comhttps://www.postgresql.org/docs/9.5/static/release-9-5-11.html...">https://www.postgresql.org/docs/9.5/static/release-9-5-11.html...">https://www.postgresql.org/docs/9.5/static/release-9-5-11.html...">
Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2018:0529-1
HistoryFeb 23, 2018 - 12:08 a.m.

Security update for postgresql95 (important)

2018-02-2300:08:24
lists.opensuse.org
84

0.28 Low

EPSS

Percentile

96.3%

JSON

This update for postgresql95 fixes the following issues:

Upate to PostgreSQL 9.5.11:

Security issues fixed:

 * <a href="https://www.postgresql.org/docs/9.5/static/release-9-5-11.html">https://www.postgresql.org/docs/9.5/static/release-9-5-11.html</a>
 * CVE-2018-1053, boo#1077983: Ensure that all temporary files made by
   pg_upgrade are non-world-readable.
 * boo#1079757: Rename pg_rewind's copy_file_range function to avoid
   conflict with new Linux system call of that name.

In version 9.5.10:

 * <a href="https://www.postgresql.org/docs/9.5/static/release-9-5-10.html">https://www.postgresql.org/docs/9.5/static/release-9-5-10.html</a>
 * CVE-2017-15098, boo#1067844: Memory disclosure in JSON functions.
 * CVE-2017-15099, boo#1067841: INSERT ... ON CONFLICT DO UPDATE fails to
   enforce SELECT privileges.

In version 9.5.9:

 * <a href="https://www.postgresql.org/docs/9.5/static/release-9-5-9.html">https://www.postgresql.org/docs/9.5/static/release-9-5-9.html</a>
 * Show foreign tables in information_schema.table_privileges view.
 * Clean up handling of a fatal exit (e.g., due to receipt of SIGTERM)
   that occurs while trying to execute a ROLLBACK of a failed transaction.
 * Remove assertion that could trigger during a fatal exit.
 * Correctly identify columns that are of a range type or domain type
   over a composite type or domain type being searched for.
 * Fix crash in pg_restore when using parallel mode and using a list file
   to select a subset of items to restore.
 * Change ecpg's parser to allow RETURNING clauses without attached C
   variables.

In version 9.5.8

 * <a href="https://www.postgresql.org/docs/9.5/static/release-9-5-8.html">https://www.postgresql.org/docs/9.5/static/release-9-5-8.html</a>
 * CVE-2017-7547, boo#1051685: Further restrict visibility of
   pg_user_mappings.umoptions, to protect passwords stored as user
   mapping options.
 * CVE-2017-7546, boo#1051684: Disallow empty passwords in all
   password-based authentication methods.
 * CVE-2017-7548, boo#1053259: lo_put() function ignores ACLs.
OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.3i586postgresql95-contrib< 9.5.11-2.3.1postgresql95-contrib-9.5.11-2.3.1.i586.rpm
openSUSE Leap42.3i586postgresql95-contrib-debuginfo< 9.5.11-2.3.1postgresql95-contrib-debuginfo-9.5.11-2.3.1.i586.rpm
openSUSE Leap42.3x86_64postgresql95-server-debuginfo< 9.5.11-2.3.1postgresql95-server-debuginfo-9.5.11-2.3.1.x86_64.rpm
openSUSE Leap42.3x86_64postgresql95-debugsource< 9.5.11-2.3.1postgresql95-debugsource-9.5.11-2.3.1.x86_64.rpm
openSUSE Leap42.3i586postgresql95-devel-debuginfo< 9.5.11-2.3.1postgresql95-devel-debuginfo-9.5.11-2.3.1.i586.rpm
openSUSE Leap42.3i586postgresql95-devel< 9.5.11-2.3.1postgresql95-devel-9.5.11-2.3.1.i586.rpm
openSUSE Leap42.3i586postgresql95-debugsource< 9.5.11-2.3.1postgresql95-debugsource-9.5.11-2.3.1.i586.rpm
openSUSE Leap42.3x86_64postgresql95-plpython< 9.5.11-2.3.1postgresql95-plpython-9.5.11-2.3.1.x86_64.rpm
openSUSE Leap42.3i586postgresql95-plpython< 9.5.11-2.3.1postgresql95-plpython-9.5.11-2.3.1.i586.rpm
openSUSE Leap42.3i586postgresql95-libs-debugsource< 9.5.11-2.3.1postgresql95-libs-debugsource-9.5.11-2.3.1.i586.rpm
Rows per page:
1-10 of 351

Related

nessus 47
openvas 40
osv 12
fedora 3
redhat 6
suse 7
archlinux 3
debian 5
mageia 3
amazon 4
ubuntu 3
freebsd 2
centos 2
oraclelinux 2
kaspersky 3
gentoo 1
prion 4
postgresql 6
debiancve 6
veracode 5
cve 5
alpinelinux 6
redhatcve 6
ubuntucve 5
checkpoint_advisories 1
altlinux 11
broadcom 1
nessus
nessus
openSUSE Security Update : postgresql95 (openSUSE-2018-204)
2018-02-23 00:00:00
FreeBSD : PostgreSQL vulnerabilities (982872f1-7dd3-11e7-9736-6cc21735f730)
2017-08-11 00:00:00
PostgreSQL 9.2.x < 9.2.22 / 9.3.x < 9.3.18 / 9.4.x < 9.4.13 / 9.5.x < 9.5.8 / 9.6.x < 9.6.4 Multiple Vulnerabilities
2017-08-16 00:00:00
openvas
openvas
openSUSE: Security Advisory for postgresql95 (openSUSE-SU-2018:0529-1)
2018-02-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2355-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for postgresql96 (openSUSE-SU-2017:2391-1)
2017-09-09 00:00:00
osv
osv
postgresql-9.4 - security update
2017-08-10 00:00:00
postgresql-9.6 - security update
2017-08-10 00:00:00
postgresql-9.6 - security update
2017-11-09 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: mingw-postgresql-9.6.4-1.fc26
2017-08-20 18:35:35
[SECURITY] Fedora 25 Update: postgresql-9.5.8-1.fc25
2017-08-29 20:25:47
[SECURITY] Fedora 26 Update: postgresql-9.6.4-1.fc26
2017-08-14 21:54:56
redhat
redhat
(RHSA-2017:2678) Moderate: rh-postgresql94-postgresql security update
2017-09-12 09:43:02
(RHSA-2017:2677) Moderate: rh-postgresql95-postgresql security update
2017-09-12 07:28:36
(RHSA-2017:2728) Moderate: postgresql security update
2017-09-14 05:55:22
suse
suse
Security update for postgresql96 (important)
2017-09-08 18:30:56
Security update for postgresql93 (important)
2017-08-31 03:06:50
Security update for postgresql94 (important)
2017-09-05 21:07:37
archlinux
archlinux
[ASA-201709-2] postgresql: multiple issues
2017-09-06 00:00:00
[ASA-201711-18] postgresql-old-upgrade: multiple issues
2017-11-10 00:00:00
[ASA-201711-17] postgresql: multiple issues
2017-11-10 00:00:00
debian
debian
[SECURITY] [DSA 3935-1] postgresql-9.4 security update
2017-08-10 21:16:19
[SECURITY] [DSA 3936-1] postgresql-9.6 security update
2017-08-10 21:17:25
[SECURITY] [DSA 4028-1] postgresql-9.6 security update
2017-11-09 21:40:01
mageia
mageia
Updated postgresql9.3/4/6 packages fix security vulnerabilities
2017-08-28 11:14:39
Updated postgresql packages fix security vulnerabilities
2017-11-29 21:52:42
Updated postgresql packages fix security vulnerability
2018-02-25 02:25:24
amazon
amazon
Medium: postgresql94, postgresql95
2017-08-31 16:22:00
Medium: postgresql96
2017-10-06 16:51:00
Medium: postgresql93, postgresql92
2017-08-31 16:20:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2017-08-15 00:00:00
PostgreSQL vulnerabilities
2017-11-14 00:00:00
PostgreSQL vulnerability
2018-02-09 00:00:00
freebsd
freebsd
PostgreSQL vulnerabilities
2017-08-10 00:00:00
PostgreSQL vulnerabilities
2017-10-10 00:00:00
centos
centos
postgresql security update
2017-09-14 23:01:46
postgresql security update
2017-10-06 13:53:23
oraclelinux
oraclelinux
postgresql security update
2017-09-14 00:00:00
postgresql security update
2017-10-05 00:00:00
kaspersky
kaspersky
KLA11091 Multiple vulnerabilities in PostgreSQL
2017-08-10 00:00:00
KLA11147 Multiple vulnerabilities in PostgreSQL
2017-11-09 00:00:00
KLA11092 Denial of service vulnerability in PostgreSQL
2017-08-10 00:00:00
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2017-10-08 00:00:00
prion
prion
Privilege escalation
2017-11-22 18:29:00
Authentication flaw
2017-08-16 18:29:00
Authorization
2017-08-16 18:29:00
postgresql
postgresql
Vulnerability in core server (CVE-2017-15099)
2017-11-22 18:29:00
Vulnerability in core server (CVE-2017-15098)
2017-11-22 17:29:00
Vulnerability in core server (CVE-2017-7546)
2017-08-16 18:29:00
debiancve
debiancve
CVE-2017-15099
2017-11-22 18:29:00
CVE-2017-7546
2017-08-16 18:29:00
CVE-2017-7548
2017-08-16 18:29:00
veracode
veracode
Privilege Escalation
2019-05-16 03:23:26
Denial Of Service (DoS)
2019-01-15 09:24:40
Authentication Bypass
2019-01-15 09:19:36
cve
cve
CVE-2017-15099
2017-11-22 18:29:00
CVE-2017-7546
2017-08-16 18:29:00
CVE-2017-15098
2017-11-22 17:29:00
alpinelinux
alpinelinux
CVE-2017-15099
2017-11-22 18:29:00
CVE-2017-7546
2017-08-16 18:29:00
CVE-2017-7548
2017-08-16 18:29:00
redhatcve
redhatcve
CVE-2017-7546
2019-10-10 03:58:16
CVE-2017-15098
2019-10-08 04:03:14
CVE-2017-15099
2017-11-13 10:19:33
ubuntucve
ubuntucve
CVE-2017-7546
2017-08-10 00:00:00
CVE-2017-15098
2017-11-09 00:00:00
CVE-2017-15099
2017-11-09 00:00:00
checkpoint_advisories
checkpoint_advisories
PostgreSQL Database Core Server non-libpq Client Policy Bypass (CVE-2017-7546)
2017-08-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package postgresql9.4 version 9.4.13-alt0.M70P.1
2017-08-09 00:00:00
Security fix for the ALT Linux 8 package postgresql12 version 9.6.4-alt1
2017-08-09 00:00:00
Security fix for the ALT Linux 7 package postgresql9.6-1C version 9.6.4-alt0.M70P.1
2017-08-09 00:00:00
broadcom
broadcom
CVE-2018-1053 - Ensure that all temporary files made with "pg_upgrade" are non-world-readable
2023-05-19 00:00:00

0.28 Low

EPSS

Percentile

96.3%

JSON
Related for OPENSUSE-SU-2018:0529-1
nessus47openvas40osv12fedora3redhat6suse7archlinux3debian5mageia3amazon4ubuntu3freebsd2centos2oraclelinux2kaspersky3gentoo1prion4postgresql6debiancve6veracode5cve5alpinelinux6redhatcve6ubuntucve5checkpoint_advisories1altlinux11broadcom1