SUSE-SU-2022:2958-1 -- SLES postgresql12, libecpg6, libpq5ID: oval:org.secpod.oval:def:89046930 | Date: (C)2022-09-06 (M)2023-11-13 |
Class: PATCH | Family: unix |
This update for postgresql12 fixes the following issues: - Upgrade to 12.12: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension . - Upgrade to 12.11: - CVE-2022-1552: Confined additional operations within security restricted operation sandboxes . - Upgrade to 12.10 - Add constraints file with 12GB of memory for s390x as a workaround - Upgrade to version 12.9 : - CVE-2021-23214: Made the server reject extraneous data after an SSL or GSS encryption handshake - CVE-2021-23222: Made libpq reject extraneous data after an SSL or GSS encryption handshake - Upgrade to version 12.8: - CVE-2021-3677: Fixed memory disclosure in certain queries . - Upgrade to version 12.7: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations . - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists . - CVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ... RETURNING pg_psql_temporary_savepoint does not exist . - Fixed build with llvm12 on s390x . - Re-enabled icu for PostgreSQL 10 . - Made the dependency of postgresqlXX-server-devel on llvm and clang optional . - llvm12 breaks PostgreSQL 11 and 12 on s390x. Use llvm11 as a workaround . - Don"t use %_stop_on_removal, because it was meant to be private and got removed from openSUSE. %_restart_on_update is also private, but still supported and needed for now .
Platform: |
SUSE Linux Enterprise Server 15 SP1 |
Product: |
postgresql12 |
libecpg6 |
libpq5 |