Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

SUSE: 2024:4052-1 critical: postgresql, postgresql16, postgresql17 updates

suse
Calendar Grey November 25, 2024
Dist Suse Esm H88
Crucial security patch released for PostgreSQL addressing multiple vulnerabilities within SUSE Linux Enterprise offerings, featuring important corrections.
* bsc#1219340 * bsc#1230423 * bsc#1233323 * bsc#1233325 * bsc#1233326

Summary

## This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17 , and fixes security issues with postgresql16: * bsc#1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane confirmed on the PostgreSQL packagers list that ABI stability is being taken care of between minor releases. * bsc#1219340: The last fix was not correct. Improve it by removing the dependency again and call fillup only if it is installed. postgresql16 was updated to 16.6: * Repair ABI break for extensions that work with struct ResultRelInfo. * Restore functionality of ALTER {ROLE|DATABASE} SET role. * Fix cases where a logical replication slot's restart_lsn could go

Topics%20covered

Topics Covered

security advisory security issue important SUSE postgresql postgresql16 postgresql17

References

* bsc#1219340

* bsc#1230423

* bsc#1233323

* bsc#1233325

* bsc#1233326

* bsc#1233327

* jsc#PED-11514

Cross-

* CVE-2024-10976

* CVE-2024-10977

* CVE-2024-10978

* CVE-2024-10979

CVSS scores:

* CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

* CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

* CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

* CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

* CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

* CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

* CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:4052-1
Release Date: 2024-11-25T16:10:44Z
Rating: important

Topics%20covered

Topics Covered

security advisory security issue important SUSE postgresql postgresql16 postgresql17

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here