Описание
Security update for postgresql12
This update for postgresql12 fixes the following issues:
Upgrade to version 12.6:
- Reindexing might be needed after applying this update.
- CVE-2021-3393, bsc#1182040: Fix information leakage in constraint-violation error messages.
Список пакетов
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server
libpq5-12.6-3.21.4
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server
libpq5-12.6-3.21.4
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server
libpq5-12.6-3.21.4
SUSE Enterprise Storage 6
libecpg6-12.6-3.21.4
libpq5-12.6-3.21.4
libpq5-32bit-12.6-3.21.4
postgresql12-12.6-3.21.4
postgresql12-contrib-12.6-3.21.4
postgresql12-devel-12.6-3.21.4
postgresql12-docs-12.6-3.21.4
postgresql12-plperl-12.6-3.21.4
postgresql12-plpython-12.6-3.21.4
postgresql12-pltcl-12.6-3.21.4
postgresql12-server-12.6-3.21.4
postgresql12-server-devel-12.6-3.21.4
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
libecpg6-12.6-3.21.4
libpq5-12.6-3.21.4
libpq5-32bit-12.6-3.21.4
postgresql12-12.6-3.21.4
postgresql12-contrib-12.6-3.21.4
postgresql12-devel-12.6-3.21.4
postgresql12-docs-12.6-3.21.4
postgresql12-plperl-12.6-3.21.4
postgresql12-plpython-12.6-3.21.4
postgresql12-pltcl-12.6-3.21.4
postgresql12-server-12.6-3.21.4
postgresql12-server-devel-12.6-3.21.4
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libecpg6-12.6-3.21.4
libpq5-12.6-3.21.4
libpq5-32bit-12.6-3.21.4
postgresql12-12.6-3.21.4
postgresql12-contrib-12.6-3.21.4
postgresql12-devel-12.6-3.21.4
postgresql12-docs-12.6-3.21.4
postgresql12-plperl-12.6-3.21.4
postgresql12-plpython-12.6-3.21.4
postgresql12-pltcl-12.6-3.21.4
postgresql12-server-12.6-3.21.4
postgresql12-server-devel-12.6-3.21.4
SUSE Linux Enterprise Server 15 SP1-BCL
libecpg6-12.6-3.21.4
libpq5-12.6-3.21.4
libpq5-32bit-12.6-3.21.4
postgresql12-12.6-3.21.4
postgresql12-contrib-12.6-3.21.4
postgresql12-devel-12.6-3.21.4
postgresql12-docs-12.6-3.21.4
postgresql12-plperl-12.6-3.21.4
postgresql12-plpython-12.6-3.21.4
postgresql12-pltcl-12.6-3.21.4
postgresql12-server-12.6-3.21.4
postgresql12-server-devel-12.6-3.21.4
SUSE Linux Enterprise Server 15 SP1-LTSS
libecpg6-12.6-3.21.4
libpq5-12.6-3.21.4
libpq5-32bit-12.6-3.21.4
postgresql12-12.6-3.21.4
postgresql12-contrib-12.6-3.21.4
postgresql12-devel-12.6-3.21.4
postgresql12-docs-12.6-3.21.4
postgresql12-plperl-12.6-3.21.4
postgresql12-plpython-12.6-3.21.4
postgresql12-pltcl-12.6-3.21.4
postgresql12-server-12.6-3.21.4
postgresql12-server-devel-12.6-3.21.4
SUSE Linux Enterprise Server for SAP Applications 15 SP1
libecpg6-12.6-3.21.4
libpq5-12.6-3.21.4
libpq5-32bit-12.6-3.21.4
postgresql12-12.6-3.21.4
postgresql12-contrib-12.6-3.21.4
postgresql12-devel-12.6-3.21.4
postgresql12-docs-12.6-3.21.4
postgresql12-plperl-12.6-3.21.4
postgresql12-plpython-12.6-3.21.4
postgresql12-pltcl-12.6-3.21.4
postgresql12-server-12.6-3.21.4
postgresql12-server-devel-12.6-3.21.4
SUSE Manager Proxy 4.0
libecpg6-12.6-3.21.4
libpq5-12.6-3.21.4
libpq5-32bit-12.6-3.21.4
postgresql12-12.6-3.21.4
postgresql12-contrib-12.6-3.21.4
postgresql12-devel-12.6-3.21.4
postgresql12-docs-12.6-3.21.4
postgresql12-plperl-12.6-3.21.4
postgresql12-plpython-12.6-3.21.4
postgresql12-pltcl-12.6-3.21.4
postgresql12-server-12.6-3.21.4
postgresql12-server-devel-12.6-3.21.4
SUSE Manager Retail Branch Server 4.0
libecpg6-12.6-3.21.4
libpq5-12.6-3.21.4
libpq5-32bit-12.6-3.21.4
postgresql12-12.6-3.21.4
postgresql12-contrib-12.6-3.21.4
postgresql12-devel-12.6-3.21.4
postgresql12-docs-12.6-3.21.4
postgresql12-plperl-12.6-3.21.4
postgresql12-plpython-12.6-3.21.4
postgresql12-pltcl-12.6-3.21.4
postgresql12-server-12.6-3.21.4
postgresql12-server-devel-12.6-3.21.4
SUSE Manager Server 4.0
libecpg6-12.6-3.21.4
libpq5-12.6-3.21.4
libpq5-32bit-12.6-3.21.4
postgresql12-12.6-3.21.4
postgresql12-contrib-12.6-3.21.4
postgresql12-devel-12.6-3.21.4
postgresql12-docs-12.6-3.21.4
postgresql12-plperl-12.6-3.21.4
postgresql12-plpython-12.6-3.21.4
postgresql12-pltcl-12.6-3.21.4
postgresql12-server-12.6-3.21.4
postgresql12-server-devel-12.6-3.21.4
Ссылки
- Link for SUSE-SU-2021:0695-1
- E-Mail link for SUSE-SU-2021:0695-1
- SUSE Security Ratings
- SUSE Bug 1179765
- SUSE Bug 1182040
- SUSE CVE CVE-2021-3393 page
Описание
An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.
Затронутые продукты
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server:libpq5-12.6-3.21.4
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server:libpq5-12.6-3.21.4
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server:libpq5-12.6-3.21.4
SUSE Enterprise Storage 6:libecpg6-12.6-3.21.4
Ссылки
- CVE-2021-3393
- SUSE Bug 1182040