openSUSE-SU-2018:0890-1

Опубликовано: 06 апр. 2018

Источник: suse-cvrf

Описание

Security update for postgresql94

This update for postgresql94 fixes the following issues:

Security issues fixed:

CVE-2018-1058: Fixed uncontrolled search path element in pg_dump and other client applications (bsc#1081925).

Bug fixes:

See release notes for details:
- https://www.postgresql.org/docs/9.4/static/release-9-4-17.html
- https://www.postgresql.org/docs/9.4/static/release-9-4-16.html

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.3

postgresql94-9.4.17-21.1

postgresql94-contrib-9.4.17-21.1

postgresql94-devel-9.4.17-21.1

postgresql94-docs-9.4.17-21.1

postgresql94-libs-9.4.17-21.1

postgresql94-plperl-9.4.17-21.1

postgresql94-plpython-9.4.17-21.1

postgresql94-pltcl-9.4.17-21.1

postgresql94-server-9.4.17-21.1

postgresql94-test-9.4.17-21.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-04/msg00009.html
E-Mail link for openSUSE-SU-2018:0890-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.

Затронутые продукты

openSUSE Leap 42.3:postgresql94-9.4.17-21.1

openSUSE Leap 42.3:postgresql94-contrib-9.4.17-21.1

openSUSE Leap 42.3:postgresql94-devel-9.4.17-21.1

openSUSE Leap 42.3:postgresql94-docs-9.4.17-21.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-1058.html
CVE-2018-1058
https://bugzilla.suse.com/1081925
SUSE Bug 1081925
https://bugzilla.suse.com/1175193
SUSE Bug 1175193
https://bugzilla.suse.com/1175194
SUSE Bug 1175194

openSUSE-SU-2018:0890-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-1058

Описание

Затронутые продукты

Ссылки