SUSE-SU-2020:2149-1: moderate: Security update for postgresql10 and postgresql12

sle-updates at lists.suse.com
Thu Aug 6 10:30:48 MDT 2020


   SUSE Security Update: Security update for postgresql10 and postgresql12 
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:2149-1
Rating:             moderate
References:         #1148643 #1163985 #1171924 
Cross-References:   CVE-2020-1720
Affected Products:
                    SUSE Linux Enterprise Server for SAP 15
                    SUSE Linux Enterprise Server 15-LTSS
                    SUSE Linux Enterprise Module for Server Applications 15-SP1
                    SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1
                    SUSE Linux Enterprise Module for Basesystem 15-SP1
                    SUSE Linux Enterprise High Performance Computing 15-LTSS
                    SUSE Linux Enterprise High Performance Computing 15-ESPOS
______________________________________________________________________________

   An update that solves one vulnerability and has two fixes
   is now available.

Description:

   This update for postgresql10 and postgresql12 fixes the following issues:

   postgresql10 was updated to 10.13 (bsc#1171924).

   - https://www.postgresql.org/about/news/2038/
   - https://www.postgresql.org/docs/10/release-10-13.html

   postgresql10 was updated to 10.12 (CVE-2020-1720, bsc#1163985)

   - https://www.postgresql.org/about/news/2011/
   - https://www.postgresql.org/docs/10/release-10-12.html

   postgresql10 was updated to 10.11:

   - https://www.postgresql.org/about/news/1994/
   - https://www.postgresql.org/docs/10/release-10-11.html


   postgresql12 was updated to 12.3 (bsc#1171924).

   Bug Fixes and Improvements:

   - Several fixes for GENERATED columns, including an issue where it was
     possible to crash or corrupt data in a table when the output of the
     generated column was the exact copy of a physical column on the table,
     e.g. if the expression called a function which could return its own
     input.
   - Several fixes for ALTER TABLE, including ensuring the SET STORAGE
     directive is propagated to a table's indexes.
   - Fix a potential race condition when using DROP OWNED BY while another
     session is deleting the same objects.
   - Allow for a partition to be detached when it has inherited ROW triggers.
   - Several fixes for REINDEX CONCURRENTLY, particularly with issues when a
     REINDEX CONCURRENTLY operation fails.
   - Fix crash when COLLATE is applied to an uncollatable type in a partition
     bound expression.
   - Fix performance regression in floating point overflow/underflow
     detection.
   - Several fixes for full text search, particularly with phrase searching.
   - Fix query-lifespan memory leak for a set-returning function used in a
     query's FROM clause.
   - Several reporting fixes for the output of VACUUM VERBOSE.
   - Allow input of type circle to accept the format (x,y),r, which is
     specified in the documentation.
   - Allow for the get_bit() and set_bit() functions to not fail on bytea
     strings longer than 256MB.
   - Avoid premature recycling of WAL segments during crash recovery, which
     could lead to WAL segments being recycled before being archived.
   - Avoid attempting to fetch nonexistent WAL files from archive storage
     during recovery by skipping irrelevant timelines.
   - Several fixes for logical replication and replication slots.
   - Fix several race conditions in synchronous standby management, including
     one that occurred when changing the synchronous_standby_names setting.
   - Several fixes for GSSAPI support, including a fix for a memory leak that
     occurred when using GSSAPI encryption.
   - Ensure that members of the pg_read_all_stats role can read all
     statistics views.
   - Fix performance regression in information_schema.triggers view.
   - Fix memory leak in libpq when using sslmode=verify-full.
   - Fix crash in psql when attempting to re-establish a failed connection.
   - Allow tab-completion of the filename argument to \gx command in psql.
   - Add pg_dump support for ALTER ... DEPENDS ON EXTENSION.
   - Several other fixes for pg_dump, which include dumping comments on RLS
     policies and postponing restore of event triggers until the end.
   - Ensure pg_basebackup generates valid tar files.
   - pg_checksums skips tablespace subdirectories that belong to a different
     PostgreSQL major version.
   - Several Windows compatibility fixes.

   This update also contains timezone tzdata release 2020a for DST law
   changes in Morocco and the Canadian Yukon, plus historical corrections for
   Shanghai. The America/Godthab zone has been renamed to America/Nuuk to
   reflect current English usage; however, the old name remains available as
   a compatibility link. This also updates initdb's list of known Windows
   time zone names to include recent additions.

   For more details, check out:

   -  https://www.postgresql.org/docs/12/release-12-3.html

   Other fixes:

   - Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean
     and complete cutover to the new packaging schema.


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 15:

      zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-2149=1

   - SUSE Linux Enterprise Server 15-LTSS:

      zypper in -t patch SUSE-SLE-Product-SLES-15-2020-2149=1

   - SUSE Linux Enterprise Module for Server Applications 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP1-2020-2149=1

   - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP1-2020-2149=1

   - SUSE Linux Enterprise Module for Basesystem 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-2149=1

   - SUSE Linux Enterprise High Performance Computing 15-LTSS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-2020-2149=1

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-2020-2149=1



Package List:

   - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):

      libecpg6-10.13-4.22.4
      libecpg6-debuginfo-10.13-4.22.4
      libpq5-10.13-4.22.4
      libpq5-debuginfo-10.13-4.22.4
      postgresql10-10.13-4.22.4
      postgresql10-contrib-10.13-4.22.4
      postgresql10-contrib-debuginfo-10.13-4.22.4
      postgresql10-debuginfo-10.13-4.22.4
      postgresql10-debugsource-10.13-4.22.4
      postgresql10-devel-10.13-4.22.4
      postgresql10-devel-debuginfo-10.13-4.22.4
      postgresql10-plperl-10.13-4.22.4
      postgresql10-plperl-debuginfo-10.13-4.22.4
      postgresql10-plpython-10.13-4.22.4
      postgresql10-plpython-debuginfo-10.13-4.22.4
      postgresql10-pltcl-10.13-4.22.4
      postgresql10-pltcl-debuginfo-10.13-4.22.4
      postgresql10-server-10.13-4.22.4
      postgresql10-server-debuginfo-10.13-4.22.4

   - SUSE Linux Enterprise Server for SAP 15 (noarch):

      postgresql-12.0.1-8.14.1
      postgresql-contrib-12.0.1-8.14.1
      postgresql-devel-12.0.1-8.14.1
      postgresql-docs-12.0.1-8.14.1
      postgresql-plperl-12.0.1-8.14.1
      postgresql-plpython-12.0.1-8.14.1
      postgresql-pltcl-12.0.1-8.14.1
      postgresql-server-12.0.1-8.14.1
      postgresql10-docs-10.13-4.22.4

   - SUSE Linux Enterprise Server for SAP 15 (x86_64):

      libpq5-32bit-10.13-4.22.4
      libpq5-32bit-debuginfo-10.13-4.22.4

   - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):

      libecpg6-10.13-4.22.4
      libecpg6-debuginfo-10.13-4.22.4
      libpq5-10.13-4.22.4
      libpq5-debuginfo-10.13-4.22.4
      postgresql10-10.13-4.22.4
      postgresql10-contrib-10.13-4.22.4
      postgresql10-contrib-debuginfo-10.13-4.22.4
      postgresql10-debuginfo-10.13-4.22.4
      postgresql10-debugsource-10.13-4.22.4
      postgresql10-devel-10.13-4.22.4
      postgresql10-devel-debuginfo-10.13-4.22.4
      postgresql10-plperl-10.13-4.22.4
      postgresql10-plperl-debuginfo-10.13-4.22.4
      postgresql10-plpython-10.13-4.22.4
      postgresql10-plpython-debuginfo-10.13-4.22.4
      postgresql10-pltcl-10.13-4.22.4
      postgresql10-pltcl-debuginfo-10.13-4.22.4
      postgresql10-server-10.13-4.22.4
      postgresql10-server-debuginfo-10.13-4.22.4

   - SUSE Linux Enterprise Server 15-LTSS (noarch):

      postgresql-12.0.1-8.14.1
      postgresql-contrib-12.0.1-8.14.1
      postgresql-devel-12.0.1-8.14.1
      postgresql-docs-12.0.1-8.14.1
      postgresql-plperl-12.0.1-8.14.1
      postgresql-plpython-12.0.1-8.14.1
      postgresql-pltcl-12.0.1-8.14.1
      postgresql-server-12.0.1-8.14.1
      postgresql10-docs-10.13-4.22.4

   - SUSE Linux Enterprise Module for Server Applications 15-SP1 (aarch64 ppc64le s390x x86_64):

      libecpg6-12.3-3.8.1
      libecpg6-debuginfo-12.3-3.8.1
      postgresql12-contrib-12.3-3.8.1
      postgresql12-contrib-debuginfo-12.3-3.8.1
      postgresql12-debuginfo-12.3-3.8.1
      postgresql12-debugsource-12.3-3.8.1
      postgresql12-devel-12.3-3.8.1
      postgresql12-devel-debuginfo-12.3-3.8.1
      postgresql12-plperl-12.3-3.8.1
      postgresql12-plperl-debuginfo-12.3-3.8.1
      postgresql12-plpython-12.3-3.8.1
      postgresql12-plpython-debuginfo-12.3-3.8.1
      postgresql12-pltcl-12.3-3.8.1
      postgresql12-pltcl-debuginfo-12.3-3.8.1
      postgresql12-server-12.3-3.8.1
      postgresql12-server-debuginfo-12.3-3.8.1
      postgresql12-server-devel-12.3-3.8.1
      postgresql12-server-devel-debuginfo-12.3-3.8.1

   - SUSE Linux Enterprise Module for Server Applications 15-SP1 (noarch):

      postgresql-contrib-12.0.1-8.14.1
      postgresql-devel-12.0.1-8.14.1
      postgresql-docs-12.0.1-8.14.1
      postgresql-plperl-12.0.1-8.14.1
      postgresql-plpython-12.0.1-8.14.1
      postgresql-pltcl-12.0.1-8.14.1
      postgresql-server-12.0.1-8.14.1
      postgresql-server-devel-12.0.1-8.14.1
      postgresql12-docs-12.3-3.8.1

   - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1 (noarch):

      postgresql-test-12.0.1-8.14.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64):

      libpq5-12.3-3.8.1
      libpq5-debuginfo-12.3-3.8.1
      postgresql12-12.3-3.8.1
      postgresql12-debuginfo-12.3-3.8.1
      postgresql12-debugsource-12.3-3.8.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP1 (noarch):

      postgresql-12.0.1-8.14.1

   - SUSE Linux Enterprise Module for Basesystem 15-SP1 (x86_64):

      libpq5-32bit-12.3-3.8.1
      libpq5-32bit-debuginfo-12.3-3.8.1

   - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):

      libecpg6-10.13-4.22.4
      libecpg6-debuginfo-10.13-4.22.4
      libpq5-10.13-4.22.4
      libpq5-debuginfo-10.13-4.22.4
      postgresql10-10.13-4.22.4
      postgresql10-contrib-10.13-4.22.4
      postgresql10-contrib-debuginfo-10.13-4.22.4
      postgresql10-debuginfo-10.13-4.22.4
      postgresql10-debugsource-10.13-4.22.4
      postgresql10-devel-10.13-4.22.4
      postgresql10-devel-debuginfo-10.13-4.22.4
      postgresql10-plperl-10.13-4.22.4
      postgresql10-plperl-debuginfo-10.13-4.22.4
      postgresql10-plpython-10.13-4.22.4
      postgresql10-plpython-debuginfo-10.13-4.22.4
      postgresql10-pltcl-10.13-4.22.4
      postgresql10-pltcl-debuginfo-10.13-4.22.4
      postgresql10-server-10.13-4.22.4
      postgresql10-server-debuginfo-10.13-4.22.4

   - SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):

      libpq5-32bit-10.13-4.22.4
      libpq5-32bit-debuginfo-10.13-4.22.4

   - SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):

      postgresql-12.0.1-8.14.1
      postgresql-contrib-12.0.1-8.14.1
      postgresql-devel-12.0.1-8.14.1
      postgresql-docs-12.0.1-8.14.1
      postgresql-plperl-12.0.1-8.14.1
      postgresql-plpython-12.0.1-8.14.1
      postgresql-pltcl-12.0.1-8.14.1
      postgresql-server-12.0.1-8.14.1
      postgresql10-docs-10.13-4.22.4

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):

      libecpg6-10.13-4.22.4
      libecpg6-debuginfo-10.13-4.22.4
      libpq5-10.13-4.22.4
      libpq5-debuginfo-10.13-4.22.4
      postgresql10-10.13-4.22.4
      postgresql10-contrib-10.13-4.22.4
      postgresql10-contrib-debuginfo-10.13-4.22.4
      postgresql10-debuginfo-10.13-4.22.4
      postgresql10-debugsource-10.13-4.22.4
      postgresql10-devel-10.13-4.22.4
      postgresql10-devel-debuginfo-10.13-4.22.4
      postgresql10-plperl-10.13-4.22.4
      postgresql10-plperl-debuginfo-10.13-4.22.4
      postgresql10-plpython-10.13-4.22.4
      postgresql10-plpython-debuginfo-10.13-4.22.4
      postgresql10-pltcl-10.13-4.22.4
      postgresql10-pltcl-debuginfo-10.13-4.22.4
      postgresql10-server-10.13-4.22.4
      postgresql10-server-debuginfo-10.13-4.22.4

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):

      postgresql-12.0.1-8.14.1
      postgresql-contrib-12.0.1-8.14.1
      postgresql-devel-12.0.1-8.14.1
      postgresql-docs-12.0.1-8.14.1
      postgresql-plperl-12.0.1-8.14.1
      postgresql-plpython-12.0.1-8.14.1
      postgresql-pltcl-12.0.1-8.14.1
      postgresql-server-12.0.1-8.14.1
      postgresql10-docs-10.13-4.22.4

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):

      libpq5-32bit-10.13-4.22.4
      libpq5-32bit-debuginfo-10.13-4.22.4
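
An added example (not part of the SUSE advisory): a shell check that flags installed packages still older than the fixed versions in the package list above. The FIXED table copies a few postgresql10 entries listed for the 15-LTSS products; the sample inventory is constructed, and `sort -V` is assumed to be an adequate stand-in for rpm's version ordering on these numeric versions.

```shell
#!/bin/sh
# Fixed versions copied from the advisory's 15-LTSS package list (name=version-release).
FIXED='libpq5=10.13-4.22.4
libecpg6=10.13-4.22.4
postgresql10=10.13-4.22.4
postgresql10-server=10.13-4.22.4
postgresql10-contrib=10.13-4.22.4'

# version_lt A B: succeeds when A is strictly older than B.
# Uses GNU sort -V (assumption: close enough to rpm ordering for these versions).
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# fixed_version NAME: print the fixed version-release for NAME, or nothing.
fixed_version() {
    printf '%s\n' "$FIXED" | awk -F= -v n="$1" '$1 == n { print $2 }'
}

# unpatched: read "name version-release" lines on stdin and print the ones
# that are covered by the advisory and still below the fixed version.
unpatched() {
    while read -r name ver; do
        want=$(fixed_version "$name")
        [ -n "$want" ] || continue        # package not covered by this table
        if version_lt "$ver" "$want"; then
            printf '%s %s < %s\n' "$name" "$ver" "$want"
        fi
    done
}

# Constructed sample inventory (not real host data). On a real system, feed:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | unpatched
SAMPLE='postgresql10-server 10.10-4.19.2
libpq5 10.13-4.22.4
postgresql10 10.9-1.1
bash 4.4-9.10.1'

printf '%s\n' "$SAMPLE" | unpatched
```

Note that 10.9 is older than 10.13, which a plain string comparison would get wrong; the version-aware sort handles it.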


References:

   https://www.suse.com/security/cve/CVE-2020-1720.html
   https://bugzilla.suse.com/1148643
   https://bugzilla.suse.com/1163985
   https://bugzilla.suse.com/1171924


