SUSE-SU-2012:0702-1: Security update for PostgreSQL
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Tue Jun 5 17:08:29 MDT 2012
SUSE Security Update: Security update for PostgreSQL
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0702-1
Rating: low
References: #749299 #749303
Cross-References: CVE-2012-0866 CVE-2012-0868
Affected Products:
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Desktop 10 SP4
SLE SDK 10 SP4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
* Security and bugfix release:
* Require execute permission on the trigger function
for CREATE TRIGGER (CVE-2012-0866, bnc#749299).
* Convert newlines to spaces in names written in
pg_dump comments (CVE-2012-0868, bnc#749303).
Please see the PostgreSQL release notes document for full
changelog and details:
http://www.postgresql.org/docs/8.3/static/release.html
<http://www.postgresql.org/docs/8.3/static/release.html>
Security Issue references:
* CVE-2012-0868
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0868
>
* CVE-2012-0866
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0866
>
Package List:
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64):
postgresql-8.1.22-0.8.1
- SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
postgresql-contrib-8.1.22-0.8.1
postgresql-devel-8.1.22-0.8.1
postgresql-docs-8.1.22-0.8.1
postgresql-libs-8.1.22-0.8.1
postgresql-server-8.1.22-0.8.1
- SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
postgresql-libs-32bit-8.1.22-0.8.1
- SUSE Linux Enterprise Server 10 SP4 (ia64):
postgresql-libs-x86-8.1.22-0.8.1
- SUSE Linux Enterprise Server 10 SP4 (ppc):
postgresql-libs-64bit-8.1.22-0.8.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
postgresql-devel-8.1.22-0.8.1
postgresql-libs-8.1.22-0.8.1
- SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
postgresql-libs-32bit-8.1.22-0.8.1
- SLE SDK 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64):
postgresql-8.1.22-0.8.1
- SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):
postgresql-contrib-8.1.22-0.8.1
postgresql-devel-8.1.22-0.8.1
postgresql-docs-8.1.22-0.8.1
postgresql-server-8.1.22-0.8.1
References:
http://support.novell.com/security/cve/CVE-2012-0866.html
http://support.novell.com/security/cve/CVE-2012-0868.html
https://bugzilla.novell.com/749299
https://bugzilla.novell.com/749303
http://download.novell.com/patch/finder/?keywords=bb8dbe40ca6eb550de22331990660c8f
More information about the sle-security-updates
mailing list