Описание
Security update for postgresql94
This update for postgresql94 fixes the following issues:
Security issues fixed:
- CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925).
Bug fixes:
- See release notes for details:
Список пакетов
SUSE Linux Enterprise Server 11 SP4
libecpg6-9.4.17-0.23.16.1
libpq5-9.4.17-0.23.16.1
libpq5-32bit-9.4.17-0.23.16.1
postgresql94-9.4.17-0.23.16.1
postgresql94-contrib-9.4.17-0.23.16.1
postgresql94-docs-9.4.17-0.23.16.1
postgresql94-server-9.4.17-0.23.16.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libecpg6-9.4.17-0.23.16.1
libpq5-9.4.17-0.23.16.1
libpq5-32bit-9.4.17-0.23.16.1
postgresql94-9.4.17-0.23.16.1
postgresql94-contrib-9.4.17-0.23.16.1
postgresql94-docs-9.4.17-0.23.16.1
postgresql94-server-9.4.17-0.23.16.1
SUSE Linux Enterprise Software Development Kit 11 SP4
postgresql94-devel-9.4.17-0.23.16.1
Ссылки
- Link for SUSE-SU-2018:0755-1
- E-Mail link for SUSE-SU-2018:0755-1
- SUSE Security Ratings
- SUSE Bug 1081925
- SUSE CVE CVE-2018-1058 page
Описание
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libecpg6-9.4.17-0.23.16.1
SUSE Linux Enterprise Server 11 SP4:libpq5-32bit-9.4.17-0.23.16.1
SUSE Linux Enterprise Server 11 SP4:libpq5-9.4.17-0.23.16.1
SUSE Linux Enterprise Server 11 SP4:postgresql94-9.4.17-0.23.16.1
Ссылки
- CVE-2018-1058
- SUSE Bug 1081925
- SUSE Bug 1175193
- SUSE Bug 1175194
- SUSE Bug 1185814