Lucene search
SuseOPENSUSE-SU-2020:2028-1HistoryNov 26, 2020 - 12:00 a.m.
Security update for postgresql10 (important)
2020-11-2600:00:00
lists.opensuse.org
22
0.026 Low
EPSS
Percentile
90.3%
An update that fixes three vulnerabilities is now available.
Description:
This update for postgresql10 fixes the following issues:
- Upgrade to version 10.15:
- CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR … WITH HOLD and
firing of deferred triggers within index expressions and materialized
view queries. - CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string
parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb.
b) When psql’s \connect command re-uses connection parameters, ensure
that all non-overridden parameters from a previous connection string
are re-used. - CVE-2020-25696, bsc#1178668: Prevent psql’s \gset command from
modifying specially-treated variables. - Fix recently-added timetz test case so it works when the USA is not
observing daylight savings time. - https://www.postgresql.org/about/news/2111/
- https://www.postgresql.org/docs/10/release-10-15.html
- CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR … WITH HOLD and
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2028=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.1 | i586 | < - openSUSE Leap 15.1 (i586 x86_64): | - openSUSE Leap 15.1 (i586 x86_64):.i586.rpm | |
| openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (i586 x86_64): | - openSUSE Leap 15.1 (i586 x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.1 | noarch | < - openSUSE Leap 15.1 (noarch): | - openSUSE Leap 15.1 (noarch):.noarch.rpm |
Related
nessus
nessus
openSUSE Security Update : postgresql12 (openSUSE-2020-2029)
2020-11-30 00:00:00
GLSA-202012-07 : PostgreSQL: Multiple vulnerabilities
2020-12-07 00:00:00
SUSE SLED15 / SLES15 Security Update : postgresql12 (SUSE-SU-2020:3425-1)
2020-12-09 00:00:00
redhat
redhat
(RHSA-2021:0161) Important: postgresql:10 security update
2021-01-18 09:12:23
(RHSA-2020:5316) Important: rh-postgresql10-postgresql security update
2020-12-02 10:07:42
(RHSA-2020:5317) Important: rh-postgresql12-postgresql security update
2020-12-02 10:07:44
suse
suse
Security update for postgresql12 (important)
2020-11-26 00:00:00
Security update for postgresql10 (important)
2020-11-26 00:00:00
Security update for postgresql12 (important)
2020-11-26 00:00:00
altlinux
altlinux
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:3463-1)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-2478-1)
2020-12-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:3425-1)
2021-06-09 00:00:00
almalinux
almalinux
Important: postgresql:10 security update
2020-12-16 08:03:04
Important: libpq security update
2020-12-14 12:34:53
Important: postgresql:12 security update
2020-12-17 15:30:10
mageia
mageia
Updated postgresql packages fix security vulnerabilities
2020-11-21 15:21:00
kaspersky
kaspersky
KLA12005 Multiple vulnerabilities in PostgreSQL
2020-11-12 00:00:00
osv
osv
postgresql-9.6 - security update
2020-12-02 00:00:00
postgresql-10, postgresql-12, postgresql-9.5 vulnerabilities
2020-11-17 13:03:44
Important: postgresql:12 security update
2020-12-17 15:30:10
debian
debian
[SECURITY] [DLA 2478-1] postgresql-9.6 security update
2020-12-02 11:04:53
archlinux
archlinux
[ASA-202011-14] postgresql: multiple issues
2020-11-17 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2020-11-17 00:00:00
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2020-12-07 00:00:00
oraclelinux
oraclelinux
postgresql:10 security update
2020-12-22 00:00:00
libpq security update
2020-12-15 00:00:00
postgresql:12 security update
2020-12-23 00:00:00
amazon
amazon
Important: postgresql95, postgresql96
2021-01-12 22:52:00
Important: postgresql
2021-06-16 20:37:00
Important: postgresql92
2021-07-08 18:38:00
ibm
ibm
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0298
2020-11-25 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-1.0-0340
2020-11-25 00:00:00
Important Photon OS Security Update - PHSA-2020-0340
2020-11-25 00:00:00
f5
f5
K53632470 : PostgreSQL vulnerabilities CVE-2020-25694, CVE-2020-25695
2021-01-06 00:00:00
K72430453 : PostgreSQL vulnerability CVE-2020-25696
2020-12-22 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: postgresql-12.6-1.fc33
2021-02-26 01:10:06
centos
centos
postgresql security update
2021-06-14 18:54:03
rocky
rocky
postgresql:12 security update
2020-12-17 15:30:10
ubuntucve
ubuntucve
cbl_mariner
cbl_mariner
CVE-2020-25695 affecting package postgresql 12.1-3
2021-06-20 03:47:42
CVE-2020-25696 affecting package postgresql 12.5-1
2021-06-20 03:47:42
CVE-2020-25694 affecting package postgresql 12.1-3
2021-06-20 03:47:42
postgresql
postgresql
Vulnerability in client (CVE-2020-25694)
2020-11-16 01:15:00
Vulnerability in client (CVE-2020-25696)
2020-11-23 22:15:00
Vulnerability in core server (CVE-2020-25695)
2020-11-16 01:15:00
debiancve
debiancve
prion
prion
Design/Logic Flaw
2020-11-16 01:15:00
Design/Logic Flaw
2020-11-16 01:15:00
Design/Logic Flaw
2020-11-23 22:15:00
alpinelinux
alpinelinux
nvd
nvd
redhatcve
redhatcve
cnvd
cnvd
PostgreSQL Arbitrary Code Execution Vulnerability (CNVD-2022-06539)
2020-11-24 00:00:00
cve
cve
veracode
veracode
Overwriting Variables
2020-11-20 09:48:27
Man-in-the-Middle
2020-11-20 09:38:29
Malicious Code Execution
2020-11-20 09:42:45
broadcom
broadcom
cvelist
cvelist