Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 522
Alerts This Week
Warning Icon 1 522

SUSE: 2018:2564-1 Moderate: PostgreSQL 10 Security Update Details

suse
Calendar Grey August 30, 2018
Dist Suse Esm H88
PostgreSQL 12 release resolves various vulnerabilities. Safeguard your setups by applying this important update.
An update that fixes three vulnerabilities is now available

Summary

This update for postgresql10 fixes the following issues: PostgreSQL 10 was updated to 10.5: - https://www.postgresql.org/about/news/postgresql-104-969-9513-9418-and-9323-released-1851/ - https://www.postgresql.org/docs/10/release-10-5.html A dump/restore is not required for those running 10.X. However, if you use the adminpack extension, you should update it as per the first changelog entry below. Also, if the function marking mistakes mentioned in the second and third changelog entries below affect you, you will want to take steps to correct your database catalogs. Security issues fixed: - CVE-2018-1115: Remove public execute privilege from contrib/adminpack's pg_logfile_rotate() function pg_logfile_rotate() is a deprecated wrapper

References

#1091610 #1104199 #1104202

Cross- CVE-2018-10915 CVE-2018-10925 CVE-2018-1115

Affected Products:

SUSE Linux Enterprise Module for Server Applications 15

SUSE Linux Enterprise Module for Basesystem 15

https://www.suse.com/security/cve/CVE-2018-10915.html

https://www.suse.com/security/cve/CVE-2018-10925.html

https://www.suse.com/security/cve/CVE-2018-1115.html

https://bugzilla.suse.com/1091610

https://bugzilla.suse.com/1104199

https://bugzilla.suse.com/1104202

Announcement ID: SUSE-SU-2018:2564-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.