Описание
Security update for postgresql15
This update for postgresql15 fixes the following issues:
Updated to version 15.3:
- CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script (bsc#1211228).
- CVE-2023-2455: Fixed an issue that could allow a user to see or modify rows that should have been invisible (bsc#1211229).
- Internal fixes (bsc#1210303).
Список пакетов
Container suse/postgres:14
libpq5-15.3-150200.5.9.1
Container suse/postgres:15
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
Container suse/postgres:latest
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
libpq5-15.3-150200.5.9.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libpq5-15.3-150200.5.9.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libpq5-15.3-150200.5.9.1
Image SLES15-SP4-Manager-Server-4-3
libpq5-15.3-150200.5.9.1
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
libpq5-15.3-150200.5.9.1
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
libpq5-15.3-150200.5.9.1
Image SLES15-SP4-Manager-Server-4-3-BYOS
libpq5-15.3-150200.5.9.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
libpq5-15.3-150200.5.9.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
libpq5-15.3-150200.5.9.1
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
libpq5-15.3-150200.5.9.1
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
libpq5-15.3-150200.5.9.1
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
libpq5-15.3-150200.5.9.1
SUSE Enterprise Storage 7
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
libpq5-32bit-15.3-150200.5.9.1
SUSE Enterprise Storage 7.1
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
libpq5-32bit-15.3-150200.5.9.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
SUSE Linux Enterprise Module for Basesystem 15 SP4
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
SUSE Linux Enterprise Module for Package Hub 15 SP4
postgresql15-llvmjit-15.3-150200.5.9.1
postgresql15-llvmjit-devel-15.3-150200.5.9.1
postgresql15-test-15.3-150200.5.9.1
SUSE Linux Enterprise Module for Server Applications 15 SP4
libecpg6-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
SUSE Linux Enterprise Real Time 15 SP3
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
libpq5-32bit-15.3-150200.5.9.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
libpq5-32bit-15.3-150200.5.9.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
SUSE Manager Proxy 4.2
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
SUSE Manager Server 4.2
libecpg6-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
openSUSE Leap 15.4
libecpg6-15.3-150200.5.9.1
libecpg6-32bit-15.3-150200.5.9.1
libpq5-15.3-150200.5.9.1
libpq5-32bit-15.3-150200.5.9.1
postgresql15-15.3-150200.5.9.1
postgresql15-contrib-15.3-150200.5.9.1
postgresql15-devel-15.3-150200.5.9.1
postgresql15-docs-15.3-150200.5.9.1
postgresql15-llvmjit-15.3-150200.5.9.1
postgresql15-llvmjit-devel-15.3-150200.5.9.1
postgresql15-plperl-15.3-150200.5.9.1
postgresql15-plpython-15.3-150200.5.9.1
postgresql15-pltcl-15.3-150200.5.9.1
postgresql15-server-15.3-150200.5.9.1
postgresql15-server-devel-15.3-150200.5.9.1
postgresql15-test-15.3-150200.5.9.1
Ссылки
- Link for SUSE-SU-2023:2207-1
- E-Mail link for SUSE-SU-2023:2207-1
- SUSE Security Ratings
- SUSE Bug 1210303
- SUSE Bug 1211228
- SUSE Bug 1211229
- SUSE CVE CVE-2023-2454 page
- SUSE CVE CVE-2023-2455 page
Описание
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
Затронутые продукты
Container suse/postgres:14:libpq5-15.3-150200.5.9.1
Container suse/postgres:15:libpq5-15.3-150200.5.9.1
Container suse/postgres:15:postgresql15-15.3-150200.5.9.1
Container suse/postgres:15:postgresql15-server-15.3-150200.5.9.1
Ссылки
- CVE-2023-2454
- SUSE Bug 1211228
Описание
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy.
Затронутые продукты
Container suse/postgres:14:libpq5-15.3-150200.5.9.1
Container suse/postgres:15:libpq5-15.3-150200.5.9.1
Container suse/postgres:15:postgresql15-15.3-150200.5.9.1
Container suse/postgres:15:postgresql15-server-15.3-150200.5.9.1
Ссылки
- CVE-2023-2455
- SUSE Bug 1211229