SUSE-SU-2023:0479-1

Опубликовано: 22 фев. 2023

Источник: suse-cvrf

Описание

Security update for postgresql12

This update for postgresql12 fixes the following issues:

Update to 12.14:

CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102).
Update to 12.13 (bsc#1205300).

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

libecpg6-12.14-150100.3.37.1

libpq5-12.14-150100.3.37.1

libpq5-32bit-12.14-150100.3.37.1

postgresql12-12.14-150100.3.37.1

postgresql12-contrib-12.14-150100.3.37.1

postgresql12-devel-12.14-150100.3.37.1

postgresql12-docs-12.14-150100.3.37.1

postgresql12-plperl-12.14-150100.3.37.1

postgresql12-plpython-12.14-150100.3.37.1

postgresql12-pltcl-12.14-150100.3.37.1

postgresql12-server-12.14-150100.3.37.1

postgresql12-server-devel-12.14-150100.3.37.1

SUSE Linux Enterprise Server 15 SP1-LTSS

libecpg6-12.14-150100.3.37.1

libpq5-12.14-150100.3.37.1

libpq5-32bit-12.14-150100.3.37.1

postgresql12-12.14-150100.3.37.1

postgresql12-contrib-12.14-150100.3.37.1

postgresql12-devel-12.14-150100.3.37.1

postgresql12-docs-12.14-150100.3.37.1

postgresql12-plperl-12.14-150100.3.37.1

postgresql12-plpython-12.14-150100.3.37.1

postgresql12-pltcl-12.14-150100.3.37.1

postgresql12-server-12.14-150100.3.37.1

postgresql12-server-devel-12.14-150100.3.37.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

libecpg6-12.14-150100.3.37.1

libpq5-12.14-150100.3.37.1

libpq5-32bit-12.14-150100.3.37.1

postgresql12-12.14-150100.3.37.1

postgresql12-contrib-12.14-150100.3.37.1

postgresql12-devel-12.14-150100.3.37.1

postgresql12-docs-12.14-150100.3.37.1

postgresql12-plperl-12.14-150100.3.37.1

postgresql12-plpython-12.14-150100.3.37.1

postgresql12-pltcl-12.14-150100.3.37.1

postgresql12-server-12.14-150100.3.37.1

postgresql12-server-devel-12.14-150100.3.37.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20230479-1/
Link for SUSE-SU-2023:0479-1
https://lists.suse.com/pipermail/sle-security-updates/2023-February/013870.html
E-Mail link for SUSE-SU-2023:0479-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1205300
SUSE Bug 1205300
https://bugzilla.suse.com/1208102
SUSE Bug 1208102
https://www.suse.com/security/cve/CVE-2022-41862/
SUSE CVE CVE-2022-41862 page

Описание

In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libecpg6-12.14-150100.3.37.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libpq5-12.14-150100.3.37.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libpq5-32bit-12.14-150100.3.37.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:postgresql12-12.14-150100.3.37.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-41862.html
CVE-2022-41862
https://bugzilla.suse.com/1208102
SUSE Bug 1208102

SUSE-SU-2023:0479-1

Описание

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

Ссылки

Уязвимость: CVE-2022-41862

Описание

Затронутые продукты

Ссылки