Описание
Security update for postgresql13
This update for postgresql13 fixes the following issues:
Upgrade to 13.21:
- CVE-2025-4207: Fixed PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation (bsc#1242931)
Changelog:
Список пакетов
SUSE Enterprise Storage 7.1
postgresql13-13.21-150200.5.72.1
postgresql13-contrib-13.21-150200.5.72.1
postgresql13-devel-13.21-150200.5.72.1
postgresql13-docs-13.21-150200.5.72.1
postgresql13-plperl-13.21-150200.5.72.1
postgresql13-plpython-13.21-150200.5.72.1
postgresql13-pltcl-13.21-150200.5.72.1
postgresql13-server-13.21-150200.5.72.1
postgresql13-server-devel-13.21-150200.5.72.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
postgresql13-13.21-150200.5.72.1
postgresql13-contrib-13.21-150200.5.72.1
postgresql13-devel-13.21-150200.5.72.1
postgresql13-docs-13.21-150200.5.72.1
postgresql13-plperl-13.21-150200.5.72.1
postgresql13-plpython-13.21-150200.5.72.1
postgresql13-pltcl-13.21-150200.5.72.1
postgresql13-server-13.21-150200.5.72.1
postgresql13-server-devel-13.21-150200.5.72.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
postgresql13-13.21-150200.5.72.1
postgresql13-contrib-13.21-150200.5.72.1
postgresql13-devel-13.21-150200.5.72.1
postgresql13-docs-13.21-150200.5.72.1
postgresql13-llvmjit-13.21-150200.5.72.1
postgresql13-llvmjit-devel-13.21-150200.5.72.1
postgresql13-plperl-13.21-150200.5.72.1
postgresql13-plpython-13.21-150200.5.72.1
postgresql13-pltcl-13.21-150200.5.72.1
postgresql13-server-13.21-150200.5.72.1
postgresql13-server-devel-13.21-150200.5.72.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
postgresql13-13.21-150200.5.72.1
postgresql13-contrib-13.21-150200.5.72.1
postgresql13-devel-13.21-150200.5.72.1
postgresql13-docs-13.21-150200.5.72.1
postgresql13-llvmjit-13.21-150200.5.72.1
postgresql13-llvmjit-devel-13.21-150200.5.72.1
postgresql13-plperl-13.21-150200.5.72.1
postgresql13-plpython-13.21-150200.5.72.1
postgresql13-pltcl-13.21-150200.5.72.1
postgresql13-server-13.21-150200.5.72.1
postgresql13-server-devel-13.21-150200.5.72.1
SUSE Linux Enterprise Server 15 SP3-LTSS
postgresql13-13.21-150200.5.72.1
postgresql13-contrib-13.21-150200.5.72.1
postgresql13-devel-13.21-150200.5.72.1
postgresql13-docs-13.21-150200.5.72.1
postgresql13-plperl-13.21-150200.5.72.1
postgresql13-plpython-13.21-150200.5.72.1
postgresql13-pltcl-13.21-150200.5.72.1
postgresql13-server-13.21-150200.5.72.1
postgresql13-server-devel-13.21-150200.5.72.1
SUSE Linux Enterprise Server 15 SP4-LTSS
postgresql13-13.21-150200.5.72.1
postgresql13-contrib-13.21-150200.5.72.1
postgresql13-devel-13.21-150200.5.72.1
postgresql13-docs-13.21-150200.5.72.1
postgresql13-llvmjit-13.21-150200.5.72.1
postgresql13-llvmjit-devel-13.21-150200.5.72.1
postgresql13-plperl-13.21-150200.5.72.1
postgresql13-plpython-13.21-150200.5.72.1
postgresql13-pltcl-13.21-150200.5.72.1
postgresql13-server-13.21-150200.5.72.1
postgresql13-server-devel-13.21-150200.5.72.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
postgresql13-13.21-150200.5.72.1
postgresql13-contrib-13.21-150200.5.72.1
postgresql13-devel-13.21-150200.5.72.1
postgresql13-docs-13.21-150200.5.72.1
postgresql13-plperl-13.21-150200.5.72.1
postgresql13-plpython-13.21-150200.5.72.1
postgresql13-pltcl-13.21-150200.5.72.1
postgresql13-server-13.21-150200.5.72.1
postgresql13-server-devel-13.21-150200.5.72.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
postgresql13-13.21-150200.5.72.1
postgresql13-contrib-13.21-150200.5.72.1
postgresql13-devel-13.21-150200.5.72.1
postgresql13-docs-13.21-150200.5.72.1
postgresql13-llvmjit-13.21-150200.5.72.1
postgresql13-llvmjit-devel-13.21-150200.5.72.1
postgresql13-plperl-13.21-150200.5.72.1
postgresql13-plpython-13.21-150200.5.72.1
postgresql13-pltcl-13.21-150200.5.72.1
postgresql13-server-13.21-150200.5.72.1
postgresql13-server-devel-13.21-150200.5.72.1
Ссылки
- Link for SUSE-SU-2025:01705-1
- E-Mail link for SUSE-SU-2025:01705-1
- SUSE Security Ratings
- SUSE Bug 1242931
- SUSE CVE CVE-2025-4207 page
Описание
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.
Затронутые продукты
SUSE Enterprise Storage 7.1:postgresql13-13.21-150200.5.72.1
SUSE Enterprise Storage 7.1:postgresql13-contrib-13.21-150200.5.72.1
SUSE Enterprise Storage 7.1:postgresql13-devel-13.21-150200.5.72.1
SUSE Enterprise Storage 7.1:postgresql13-docs-13.21-150200.5.72.1
Ссылки
- CVE-2025-4207
- SUSE Bug 1242931