SUSE-SU-2023:0393-1

Опубликовано: 13 фев. 2023

Источник: suse-cvrf

Описание

Security update for postgresql15

This update for postgresql15 fixes the following issues:

Update to 15.2:

CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102).

Список пакетов

SUSE Linux Enterprise Server 12 SP2-BCL

libecpg6-15.2-3.6.1

libpq5-15.2-3.6.1

libpq5-32bit-15.2-3.6.1

SUSE Linux Enterprise Server 12 SP4-LTSS

libecpg6-15.2-3.6.1

libpq5-15.2-3.6.1

libpq5-32bit-15.2-3.6.1

SUSE Linux Enterprise Server 12 SP5

libecpg6-15.2-3.6.1

libecpg6-32bit-15.2-3.6.1

libpq5-15.2-3.6.1

libpq5-32bit-15.2-3.6.1

postgresql15-15.2-3.6.1

postgresql15-contrib-15.2-3.6.1

postgresql15-docs-15.2-3.6.1

postgresql15-plperl-15.2-3.6.1

postgresql15-plpython-15.2-3.6.1

postgresql15-pltcl-15.2-3.6.1

postgresql15-server-15.2-3.6.1

SUSE Linux Enterprise Server for SAP Applications 12 SP4

libecpg6-15.2-3.6.1

libpq5-15.2-3.6.1

libpq5-32bit-15.2-3.6.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

libecpg6-15.2-3.6.1

libecpg6-32bit-15.2-3.6.1

libpq5-15.2-3.6.1

libpq5-32bit-15.2-3.6.1

postgresql15-15.2-3.6.1

postgresql15-contrib-15.2-3.6.1

postgresql15-docs-15.2-3.6.1

postgresql15-plperl-15.2-3.6.1

postgresql15-plpython-15.2-3.6.1

postgresql15-pltcl-15.2-3.6.1

postgresql15-server-15.2-3.6.1

SUSE Linux Enterprise Software Development Kit 12 SP5

postgresql15-devel-15.2-3.6.1

postgresql15-server-devel-15.2-3.6.1

SUSE OpenStack Cloud 9

libecpg6-15.2-3.6.1

libpq5-15.2-3.6.1

libpq5-32bit-15.2-3.6.1

SUSE OpenStack Cloud Crowbar 9

libecpg6-15.2-3.6.1

libpq5-15.2-3.6.1

libpq5-32bit-15.2-3.6.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20230393-1/
Link for SUSE-SU-2023:0393-1
https://lists.suse.com/pipermail/sle-security-updates/2023-February/013746.html
E-Mail link for SUSE-SU-2023:0393-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1208102
SUSE Bug 1208102
https://www.suse.com/security/cve/CVE-2022-41862/
SUSE CVE CVE-2022-41862 page

Описание

In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.

Затронутые продукты

SUSE Linux Enterprise Server 12 SP2-BCL:libecpg6-15.2-3.6.1

SUSE Linux Enterprise Server 12 SP2-BCL:libpq5-15.2-3.6.1

SUSE Linux Enterprise Server 12 SP2-BCL:libpq5-32bit-15.2-3.6.1

SUSE Linux Enterprise Server 12 SP4-LTSS:libecpg6-15.2-3.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-41862.html
CVE-2022-41862
https://bugzilla.suse.com/1208102
SUSE Bug 1208102

SUSE-SU-2023:0393-1

Описание

Список пакетов

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP4-LTSS

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud Crowbar 9

Ссылки

Уязвимость: CVE-2022-41862

Описание

Затронутые продукты

Ссылки