Mailinglist Archive: opensuse-updates (98 mails)

< Previous Next >
openSUSE-SU-2015:0499-1: moderate: Security and bugfix release for PostgreSQL
openSUSE Security Update: Security and bugfix release for PostgreSQL
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:0499-1
Rating: moderate
References:
Cross-References: CVE-2014-8161 CVE-2015-0241 CVE-2015-0242
CVE-2015-0243 CVE-2015-0244
Affected Products:
openSUSE Evergreen 11.4
______________________________________________________________________________

An update that fixes 5 vulnerabilities is now available.

Description:

- Security and bugfix release 9.0.19:

*Fix buffer overruns in to_char() (CVE-2015-0241)
*Fix buffer overrun in replacement *printf() functions (CVE-2015-0242)
*Fix buffer overruns in contrib/pgcrypto (CVE-2015-0243)
*Fix possible loss of frontend/backend protocol synchronization after an
error (CVE-2015-0244)
*Fix information leak via constraint-violation error messages
(CVE-2014-8161)
- for details see:
http://www.postgresql.org/docs/9.0/static/release-9-0-19.html


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE Evergreen 11.4:

zypper in -t patch 2015-9=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE Evergreen 11.4 (i586 x86_64):

libecpg6-9.0.19-47.1
libecpg6-debuginfo-9.0.19-47.1
libpq5-9.0.19-47.1
libpq5-debuginfo-9.0.19-47.1
postgresql-9.0.19-47.1
postgresql-contrib-9.0.19-47.1
postgresql-contrib-debuginfo-9.0.19-47.1
postgresql-debuginfo-9.0.19-47.1
postgresql-debugsource-9.0.19-47.1
postgresql-devel-9.0.19-47.1
postgresql-devel-debuginfo-9.0.19-47.1
postgresql-libs-debugsource-9.0.19-47.1
postgresql-plperl-9.0.19-47.1
postgresql-plperl-debuginfo-9.0.19-47.1
postgresql-plpython-9.0.19-47.1
postgresql-plpython-debuginfo-9.0.19-47.1
postgresql-pltcl-9.0.19-47.1
postgresql-pltcl-debuginfo-9.0.19-47.1
postgresql-server-9.0.19-47.1
postgresql-server-debuginfo-9.0.19-47.1

- openSUSE Evergreen 11.4 (x86_64):

libpq5-32bit-9.0.19-47.1
libpq5-debuginfo-32bit-9.0.19-47.1

- openSUSE Evergreen 11.4 (noarch):

postgresql-docs-9.0.19-47.1

- openSUSE Evergreen 11.4 (ia64):

libpq5-debuginfo-x86-9.0.19-47.1
libpq5-x86-9.0.19-47.1


References:

http://support.novell.com/security/cve/CVE-2014-8161.html
http://support.novell.com/security/cve/CVE-2015-0241.html
http://support.novell.com/security/cve/CVE-2015-0242.html
http://support.novell.com/security/cve/CVE-2015-0243.html
http://support.novell.com/security/cve/CVE-2015-0244.html


< Previous Next >
This Thread
  • No further messages