openSUSE-SU-2018:0765-1

Опубликовано: 21 мар. 2018

Источник: suse-cvrf

Описание

Security update for postgresql96

This update for postgresql96 fixes the following issues:

Security issues fixed:

CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925).

Bug fixes:

See release notes for details:
- https://www.postgresql.org/docs/9.6/static/release-9-6-8.html

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.3

libecpg6-9.6.8-15.1

libecpg6-32bit-9.6.8-15.1

libpq5-9.6.8-15.1

libpq5-32bit-9.6.8-15.1

postgresql96-9.6.8-15.1

postgresql96-contrib-9.6.8-15.1

postgresql96-devel-9.6.8-15.1

postgresql96-docs-9.6.8-15.1

postgresql96-libs-9.6.8-15.1

postgresql96-plperl-9.6.8-15.1

postgresql96-plpython-9.6.8-15.1

postgresql96-pltcl-9.6.8-15.1

postgresql96-server-9.6.8-15.1

postgresql96-test-9.6.8-15.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-03/msg00076.html
E-Mail link for openSUSE-SU-2018:0765-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.

Затронутые продукты

openSUSE Leap 42.3:libecpg6-32bit-9.6.8-15.1

openSUSE Leap 42.3:libecpg6-9.6.8-15.1

openSUSE Leap 42.3:libpq5-32bit-9.6.8-15.1

openSUSE Leap 42.3:libpq5-9.6.8-15.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-1058.html
CVE-2018-1058
https://bugzilla.suse.com/1081925
SUSE Bug 1081925
https://bugzilla.suse.com/1175193
SUSE Bug 1175193
https://bugzilla.suse.com/1175194
SUSE Bug 1175194

openSUSE-SU-2018:0765-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-1058

Описание

Затронутые продукты

Ссылки