Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 615
Alerts This Week
Warning Icon 1 615

openSUSE Leap 15.2 Security Update 2021:0894-1 Moderate for PostgreSQL10

opensuse
Calendar Grey June 17, 2021
Dist Opensuse Esm H88
Important news for openSUSE users concerning postgresql10 resolves several vulnerabilities and significantly bolsters system security.
An update that solves two vulnerabilities and has one errata is now available

Description

This update for postgresql10 fixes the following issues:

- Upgrade to version 10.17:

- CVE-2021-32027: Fixed integer overflows in array subscripting

calculations (bsc#1185924).

- CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON

CONFLICT ... UPDATE target lists (bsc#1185925).

- Don't use %_stop_on_removal, because it was meant to be private and got

removed from openSUSE. %_restart_on_update is also private, but still

supported and needed for now (bsc#1183168).

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2021-894=1

Package List

- openSUSE Leap 15.2 (i586 x86_64):

postgresql10-10.17-lp152.2.21.1

postgresql10-contrib-10.17-lp152.2.21.1

postgresql10-contrib-debuginfo-10.17-lp152.2.21.1

postgresql10-debuginfo-10.17-lp152.2.21.1

postgresql10-debugsource-10.17-lp152.2.21.1

postgresql10-devel-10.17-lp152.2.21.1

postgresql10-devel-debuginfo-10.17-lp152.2.21.1

postgresql10-plperl-10.17-lp152.2.21.1

postgresql10-plperl-debuginfo-10.17-lp152.2.21.1

postgresql10-plpython-10.17-lp152.2.21.1

postgresql10-plpython-debuginfo-10.17-lp152.2.21.1

postgresql10-pltcl-10.17-lp152.2.21.1

postgresql10-pltcl-debuginfo-10.17-lp152.2.21.1

postgresql10-server-10.17-lp152.2.21.1

postgresql10-server-debuginfo-10.17-lp152.2.21.1

postgresql10-test-10.17-lp152.2.21.1

- openSUSE Leap 15.2 (noarch):

postgresql10-docs-10.17-lp152.2.21.1

References

https://www.suse.com/security/cve/CVE-2021-32027.html

https://www.suse.com/security/cve/CVE-2021-32028.html

https://bugzilla.suse.com/1183168

https://bugzilla.suse.com/1185924

https://bugzilla.suse.com/1185925

Announcement ID: openSUSE-SU-2021:0894-1
Rating: moderate
Affected Products: openSUSE Leap 15.2 ble.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.