SUSE-CU-2024:4156-1: Security update of suse/postgres

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Sep 10 08:35:33 UTC 2024 

SUSE Container Update Advisory: suse/postgres
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:4156-1
Container Tags        : suse/postgres:16 , suse/postgres:16-42.7 , suse/postgres:16.4 , suse/postgres:16.4-42.7 , suse/postgres:latest
Container Release     : 42.7
Severity              : important
Type                  : security
References            : 1224038 1224051 1228042 1229013 CVE-2024-4317 CVE-2024-7348 
-----------------------------------------------------------------

The container suse/postgres was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3159-1
Released:    Fri Sep  6 12:15:52 2024
Summary:     Security update for postgresql16
Type:        security
Severity:    important
References:  1224038,1224051,1229013,CVE-2024-4317,CVE-2024-7348
This update for postgresql16 fixes the following issues:

- Upgrade to 16.4 (bsc#1229013)
- CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013)
- CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See the release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3166-1
Released:    Mon Sep  9 12:25:30 2024
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1228042
This update for glibc fixes the following issue:

- s390x-wcsncmp patch for s390x: Fix segfault in wcsncmp (bsc#1228042).


The following package changes have been done:

- glibc-2.38-150600.14.8.2 updated
- glibc-locale-base-2.38-150600.14.8.2 updated
- libpq5-16.4-150600.16.5.1 updated
- glibc-locale-2.38-150600.14.8.2 updated
- postgresql16-16.4-150600.16.5.1 updated
- postgresql16-server-16.4-150600.16.5.1 updated
- container:sles15-image-15.6.0-47.11.12 updated

More information about the sle-container-updates mailing list