SUSE-CU-2023:1787-1: Security update of suse/postgres

sle-security-updates at lists.suse.com
Tue Jun 6 07:13:29 UTC 2023


SUSE Container Update Advisory: suse/postgres
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:1787-1
Container Tags        : suse/postgres:14 , suse/postgres:14-21.20 , suse/postgres:14.8 , suse/postgres:14.8-21.20
Container Release     : 21.20
Severity              : important
Type                  : security
References            : 1203141 1206513 1207410 1210164 1210303 1210434 1210593 1210702
                        1211228 1211229 1211230 1211231 1211232 1211233 1211430
                        CVE-2023-2454 CVE-2023-2455 CVE-2023-2650 CVE-2023-28319
                        CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 CVE-2023-29491
-----------------------------------------------------------------

The container suse/postgres was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2111-1
Released:    Fri May  5 14:34:00 2023
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1210434,CVE-2023-29491
This update for ncurses fixes the following issues:

- CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data (bsc#1210434).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2133-1
Released:    Tue May  9 13:37:10 2023
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1206513
This update for zlib fixes the following issues:

- Add DFLTCC support for using inflate() with a small window (bsc#1206513)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2205-1
Released:    Mon May 15 13:15:13 2023
Summary:     Security update for postgresql14
Type:        security
Severity:    important
References:  1210303,1211228,1211229,CVE-2023-2454,CVE-2023-2455
This update for postgresql14 fixes the following issues:

Updated to version 14.8:
  - CVE-2023-2454: Fixed an issue where a user having permission to
    create a schema could hijack the privileges of a security definer
    function or extension script (bsc#1211228).
  - CVE-2023-2455: Fixed an issue that could allow a user to see or
    modify rows that should have been invisible (bsc#1211229).
  - Internal fixes (bsc#1210303).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2207-1
Released:    Mon May 15 13:20:56 2023
Summary:     Security update for postgresql15
Type:        security
Severity:    important
References:  1210303,1211228,1211229,CVE-2023-2454,CVE-2023-2455
This update for postgresql15 fixes the following issues:

Updated to version 15.3:
  - CVE-2023-2454: Fixed an issue where a user having permission to
    create a schema could hijack the privileges of a security definer
    function or extension script (bsc#1211228).
  - CVE-2023-2455: Fixed an issue that could allow a user to see or
    modify rows that should have been invisible (bsc#1211229).
  - Internal fixes (bsc#1210303).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2224-1
Released:    Wed May 17 09:53:54 2023
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1211230,1211231,1211232,1211233,CVE-2023-28319,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322
This update for curl adds the following feature:

Update to version 8.0.1 (jsc#PED-2580)

- CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230).
- CVE-2023-28320: siglongjmp race condition (bsc#1211231).
- CVE-2023-28321: IDN wildcard matching (bsc#1211232).
- CVE-2023-28322: POST-after-PUT confusion (bsc#1211233).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2240-1
Released:    Wed May 17 19:56:54 2023
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1203141,1207410
This update for systemd fixes the following issues:

- udev-rules: fix nvme symlink creation on namespace changes (bsc#1207410)
- Optimize when a hundred workers claim the same symlink with the same priority (bsc#1203141)
- Add nss-resolve and systemd-network to Packagehub-Subpackages (MSC-626)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2307-1
Released:    Mon May 29 10:29:49 2023
Summary:     Recommended update for kbd
Type:        recommended
Severity:    low
References:  1210702
This update for kbd fixes the following issue:

- Add 'ara' vc keymap, 'ara' is slightly better than 'arabic' as it matches the name of its X11 layout counterpart. (bsc#1210702)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2317-1
Released:    Tue May 30 14:01:22 2023
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1210164
This update for util-linux fixes the following issue:

- Add upstream patch to prevent possible performance degradation of libuuid (bsc#1210164)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2333-1
Released:    Wed May 31 09:01:28 2023
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1210593
This update for zlib fixes the following issue:

- Fix function calling order to avoid crashes (bsc#1210593)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2342-1
Released:    Thu Jun  1 11:34:20 2023
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1211430,CVE-2023-2650
This update for openssl-1_1 fixes the following issues:

- CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers (bsc#1211430).


The following package changes have been done:

- libuuid1-2.37.2-150400.8.17.1 updated
- libudev1-249.16-150400.8.28.3 updated
- libsmartcols1-2.37.2-150400.8.17.1 updated
- libblkid1-2.37.2-150400.8.17.1 updated
- libfdisk1-2.37.2-150400.8.17.1 updated
- libz1-1.2.11-150000.3.45.1 updated
- libncurses6-6.1-150000.5.15.1 updated
- terminfo-base-6.1-150000.5.15.1 updated
- ncurses-utils-6.1-150000.5.15.1 updated
- libsystemd0-249.16-150400.8.28.3 updated
- libopenssl1_1-1.1.1l-150400.7.37.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.37.1 updated
- libmount1-2.37.2-150400.8.17.1 updated
- libcurl4-8.0.1-150400.5.23.1 updated
- util-linux-2.37.2-150400.8.17.1 updated
- kbd-legacy-2.4.0-150400.5.6.1 updated
- libpq5-15.3-150200.5.9.1 updated
- kbd-2.4.0-150400.5.6.1 updated
- postgresql14-14.8-150200.5.26.1 updated
- systemd-249.16-150400.8.28.3 updated
- postgresql14-server-14.8-150200.5.26.1 updated
- container:sles15-image-15.0.0-27.14.66 updated

