SUSE-SU-2022:1804-1

Опубликовано: 23 мая 2022

Источник: suse-cvrf

Описание

Security update for postgresql10

This update for postgresql10 fixes the following issues:

CVE-2022-1552: Confine additional operations within 'security restricted operation' sandboxes (bsc#1199475).

Список пакетов

HPE Helion OpenStack 8

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE Linux Enterprise Server 12 SP2-BCL

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE Linux Enterprise Server 12 SP3-BCL

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE Linux Enterprise Server 12 SP3-LTSS

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE Linux Enterprise Server 12 SP4-LTSS

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE Linux Enterprise Server 12 SP5

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE Linux Enterprise Server for SAP Applications 12 SP3

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE Linux Enterprise Server for SAP Applications 12 SP4

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE Linux Enterprise Server for SAP Applications 12 SP5

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE Linux Enterprise Software Development Kit 12 SP5

postgresql10-devel-10.21-4.28.3

SUSE OpenStack Cloud 8

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE OpenStack Cloud 9

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE OpenStack Cloud Crowbar 8

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

SUSE OpenStack Cloud Crowbar 9

postgresql10-10.21-4.28.3

postgresql10-contrib-10.21-4.28.3

postgresql10-docs-10.21-4.28.3

postgresql10-plperl-10.21-4.28.3

postgresql10-plpython-10.21-4.28.3

postgresql10-pltcl-10.21-4.28.3

postgresql10-server-10.21-4.28.3

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20221804-1/
Link for SUSE-SU-2022:1804-1
https://lists.suse.com/pipermail/sle-security-updates/2022-May/011129.html
E-Mail link for SUSE-SU-2022:1804-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1199475
SUSE Bug 1199475
https://www.suse.com/security/cve/CVE-2022-1552/
SUSE CVE CVE-2022-1552 page

Описание

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck commands activated relevant protections too late or not at all during the process. This flaw allows an attacker with permission to create non-temporary objects in at least one schema to execute arbitrary SQL functions under a superuser identity.

Затронутые продукты

HPE Helion OpenStack 8:postgresql10-10.21-4.28.3

HPE Helion OpenStack 8:postgresql10-contrib-10.21-4.28.3

HPE Helion OpenStack 8:postgresql10-docs-10.21-4.28.3

HPE Helion OpenStack 8:postgresql10-plperl-10.21-4.28.3

Ссылки

https://www.suse.com/security/cve/CVE-2022-1552.html
CVE-2022-1552
https://bugzilla.suse.com/1199475
SUSE Bug 1199475

SUSE-SU-2022:1804-1

Описание

Список пакетов

HPE Helion OpenStack 8

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP3-BCL

SUSE Linux Enterprise Server 12 SP3-LTSS

SUSE Linux Enterprise Server 12 SP4-LTSS

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud Crowbar 9

Ссылки

Уязвимость: CVE-2022-1552

Описание

Затронутые продукты

Ссылки