openSUSE-SU-2018:0736-1

Опубликовано: 18 мар. 2018

Источник: suse-cvrf

Описание

Security update for postgresql95

This update for postgresql95 fixes the following issues:

Security issue fixed in PostgreSQL 9.5.12:

CVE-2018-1058: Uncontrolled search path element in pg_dump and other client applications (boo#1081925).

Список пакетов

openSUSE Leap 42.3

postgresql95-9.5.12-2.6.1

postgresql95-contrib-9.5.12-2.6.1

postgresql95-devel-9.5.12-2.6.1

postgresql95-docs-9.5.12-2.6.1

postgresql95-libs-9.5.12-2.6.1

postgresql95-plperl-9.5.12-2.6.1

postgresql95-plpython-9.5.12-2.6.1

postgresql95-pltcl-9.5.12-2.6.1

postgresql95-server-9.5.12-2.6.1

postgresql95-test-9.5.12-2.6.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-03/msg00068.html
E-Mail link for openSUSE-SU-2018:0736-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.

Затронутые продукты

openSUSE Leap 42.3:postgresql95-9.5.12-2.6.1

openSUSE Leap 42.3:postgresql95-contrib-9.5.12-2.6.1

openSUSE Leap 42.3:postgresql95-devel-9.5.12-2.6.1

openSUSE Leap 42.3:postgresql95-docs-9.5.12-2.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-1058.html
CVE-2018-1058
https://bugzilla.suse.com/1081925
SUSE Bug 1081925
https://bugzilla.suse.com/1175193
SUSE Bug 1175193
https://bugzilla.suse.com/1175194
SUSE Bug 1175194

openSUSE-SU-2018:0736-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-1058

Описание

Затронутые продукты

Ссылки