SUSE-SU-2012:0702-1: Security update for PostgreSQL

sle-updates at lists.suse.com sle-updates at lists.suse.com
Tue Jun 5 17:08:29 MDT 2012


   SUSE Security Update: Security update for PostgreSQL
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:0702-1
Rating:             low
References:         #749299 #749303 
Cross-References:   CVE-2012-0866 CVE-2012-0868
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:


   * Security and bugfix release:
   * Require execute permission on the trigger function
   for CREATE TRIGGER (CVE-2012-0866, bnc#749299).
   * Convert newlines to spaces in names written in
   pg_dump comments (CVE-2012-0868, bnc#749303).

   Please see the PostgreSQL release notes document for full
   changelog and  details:

   http://www.postgresql.org/docs/8.3/static/release.html
   <http://www.postgresql.org/docs/8.3/static/release.html>

   Security Issue references:

   * CVE-2012-0868
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0868
   >
   * CVE-2012-0866
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0866
   >



Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64):

      postgresql-8.1.22-0.8.1

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      postgresql-contrib-8.1.22-0.8.1
      postgresql-devel-8.1.22-0.8.1
      postgresql-docs-8.1.22-0.8.1
      postgresql-libs-8.1.22-0.8.1
      postgresql-server-8.1.22-0.8.1

   - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

      postgresql-libs-32bit-8.1.22-0.8.1

   - SUSE Linux Enterprise Server 10 SP4 (ia64):

      postgresql-libs-x86-8.1.22-0.8.1

   - SUSE Linux Enterprise Server 10 SP4 (ppc):

      postgresql-libs-64bit-8.1.22-0.8.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      postgresql-devel-8.1.22-0.8.1
      postgresql-libs-8.1.22-0.8.1

   - SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

      postgresql-libs-32bit-8.1.22-0.8.1

   - SLE SDK 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64):

      postgresql-8.1.22-0.8.1

   - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

      postgresql-contrib-8.1.22-0.8.1
      postgresql-devel-8.1.22-0.8.1
      postgresql-docs-8.1.22-0.8.1
      postgresql-server-8.1.22-0.8.1


References:

   http://support.novell.com/security/cve/CVE-2012-0866.html
   http://support.novell.com/security/cve/CVE-2012-0868.html
   https://bugzilla.novell.com/749299
   https://bugzilla.novell.com/749303
   http://download.novell.com/patch/finder/?keywords=bb8dbe40ca6eb550de22331990660c8f



More information about the sle-updates mailing list