SUSE-SU-2020:2149-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:2149-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2020:2149-1
- Related
- Published
- 2020-08-06T11:37:25Z
- Modified
- 2020-08-06T11:37:25Z
- Summary
- Security update for postgresql10 and postgresql12
- Details
-
This update for postgresql10 and postgresql12 fixes the following issues:
postgresql10 was updated to 10.13 (bsc#1171924).
https://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/10/release-10-13.html
postgresql10 was updated to 10.12 (CVE-2020-1720, bsc#1163985)
- https://www.postgresql.org/about/news/2011/
- https://www.postgresql.org/docs/10/release-10-12.html
postgresql10 was updated to 10.11:
- https://www.postgresql.org/about/news/1994/
- https://www.postgresql.org/docs/10/release-10-11.html
postgresql12 was updated to 12.3 (bsc#1171924).
Bug Fixes and Improvements:
- Several fixes for GENERATED columns, including an issue where it was possible to crash or corrupt data in a table when the output of the generated column was the exact copy of a physical column on the table, e.g. if the expression called a function which could return its own input.
- Several fixes for ALTER TABLE, including ensuring the SET STORAGE directive is propagated to a table's indexes.
- Fix a potential race condition when using DROP OWNED BY while another session is deleting the same objects.
- Allow for a partition to be detached when it has inherited ROW triggers.
- Several fixes for REINDEX CONCURRENTLY, particularly with issues when a REINDEX CONCURRENTLY operation fails.
- Fix crash when COLLATE is applied to an uncollatable type in a partition bound expression.
- Fix performance regression in floating point overflow/underflow detection.
- Several fixes for full text search, particularly with phrase searching.
- Fix query-lifespan memory leak for a set-returning function used in a query's FROM clause.
- Several reporting fixes for the output of VACUUM VERBOSE.
- Allow input of type circle to accept the format (x,y),r, which is specified in the documentation.
- Allow for the getbit() and setbit() functions to not fail on bytea strings longer than 256MB.
- Avoid premature recycling of WAL segments during crash recovery, which could lead to WAL segments being recycled before being archived.
- Avoid attempting to fetch nonexistent WAL files from archive storage during recovery by skipping irrelevant timelines.
- Several fixes for logical replication and replication slots.
- Fix several race conditions in synchronous standby management, including one that occurred when changing the synchronousstandbynames setting.
- Several fixes for GSSAPI support, include a fix for a memory leak that occurred when using GSSAPI encryption.
- Ensure that members of the pgreadall_stats role can read all statistics views.
- Fix performance regression in information_schema.triggers view.
- Fix memory leak in libpq when using sslmode=verify-full.
- Fix crash in psql when attempting to re-establish a failed connection.
- Allow tab-completion of the filename argument to \gx command in psql.
- Add pg_dump support for ALTER ... DEPENDS ON EXTENSION.
- Several other fixes for pg_dump, which include dumping comments on RLS policies and postponing restore of event triggers until the end.
- Ensure pg_basebackup generates valid tar files.
- pg_checksums skips tablespace subdirectories that belong to a different PostgreSQL major version
- Several Windows compatibility fixes
This update also contains timezone tzdata release 2020a for DST law changes in Morocco and the Canadian Yukon, plus historical corrections for Shanghai. The America/Godthab zone has been renamed to America/Nuuk to reflect current English usage ; however, the old name remains available as a compatibility link. This also updates initdb's list of known Windows time zone names to include recent additions.
For more details, check out:
- https://www.postgresql.org/docs/12/release-12-3.html
Other fixes:
- Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean and complete cutover to the new packaging schema.
- References
Affected packages
SUSE:Linux Enterprise Module for Basesystem 15 SP1 / postgresql
Package
- Name
- postgresql
- Purl
- purl:rpm/suse/postgresql&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1
SUSE:Linux Enterprise Module for Basesystem 15 SP1 / postgresql12
Package
- Name
- postgresql12
- Purl
- purl:rpm/suse/postgresql12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1
SUSE:Linux Enterprise Module for Package Hub 15 SP1 / postgresql
Package
- Name
- postgresql
- Purl
- purl:rpm/suse/postgresql&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP1
SUSE:Linux Enterprise Module for Server Applications 15 SP1 / postgresql
Package
- Name
- postgresql
- Purl
- purl:rpm/suse/postgresql&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed12.0.1-8.14.1
Ecosystem specific
{
"binaries": [
{
"postgresql12-docs": "12.3-3.8.1",
"libecpg6": "12.3-3.8.1",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql12-plperl": "12.3-3.8.1",
"postgresql12-plpython": "12.3-3.8.1",
"postgresql12-contrib": "12.3-3.8.1",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql12-devel": "12.3-3.8.1",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql12-server": "12.3-3.8.1",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql12-pltcl": "12.3-3.8.1",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql-server-devel": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql12-server-devel": "12.3-3.8.1"
}
]
}
SUSE:Linux Enterprise Module for Server Applications 15 SP1 / postgresql12
Package
- Name
- postgresql12
- Purl
- purl:rpm/suse/postgresql12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed12.3-3.8.1
Ecosystem specific
{
"binaries": [
{
"postgresql12-docs": "12.3-3.8.1",
"libecpg6": "12.3-3.8.1",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql12-plperl": "12.3-3.8.1",
"postgresql12-plpython": "12.3-3.8.1",
"postgresql12-contrib": "12.3-3.8.1",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql12-devel": "12.3-3.8.1",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql12-server": "12.3-3.8.1",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql12-pltcl": "12.3-3.8.1",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql-server-devel": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql12-server-devel": "12.3-3.8.1"
}
]
}
SUSE:Linux Enterprise High Performance Computing 15-ESPOS / postgresql
Package
- Name
- postgresql
- Purl
- purl:rpm/suse/postgresql&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed12.0.1-8.14.1
Ecosystem specific
{
"binaries": [
{
"postgresql10-docs": "10.13-4.22.4",
"libpq5-32bit": "10.13-4.22.4",
"libecpg6": "10.13-4.22.4",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql10-contrib": "10.13-4.22.4",
"libpq5": "10.13-4.22.4",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql10-plperl": "10.13-4.22.4",
"postgresql10-devel": "10.13-4.22.4",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql10-pltcl": "10.13-4.22.4",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql10-server": "10.13-4.22.4",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql10": "10.13-4.22.4",
"postgresql": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql10-plpython": "10.13-4.22.4"
}
]
}
SUSE:Linux Enterprise High Performance Computing 15-ESPOS / postgresql10
Package
- Name
- postgresql10
- Purl
- purl:rpm/suse/postgresql10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.13-4.22.4
Ecosystem specific
{
"binaries": [
{
"postgresql10-docs": "10.13-4.22.4",
"libpq5-32bit": "10.13-4.22.4",
"libecpg6": "10.13-4.22.4",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql10-contrib": "10.13-4.22.4",
"libpq5": "10.13-4.22.4",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql10-plperl": "10.13-4.22.4",
"postgresql10-devel": "10.13-4.22.4",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql10-pltcl": "10.13-4.22.4",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql10-server": "10.13-4.22.4",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql10": "10.13-4.22.4",
"postgresql": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql10-plpython": "10.13-4.22.4"
}
]
}
SUSE:Linux Enterprise High Performance Computing 15-LTSS / postgresql
Package
- Name
- postgresql
- Purl
- purl:rpm/suse/postgresql&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed12.0.1-8.14.1
Ecosystem specific
{
"binaries": [
{
"postgresql10-docs": "10.13-4.22.4",
"libpq5-32bit": "10.13-4.22.4",
"libecpg6": "10.13-4.22.4",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql10-contrib": "10.13-4.22.4",
"libpq5": "10.13-4.22.4",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql10-plperl": "10.13-4.22.4",
"postgresql10-devel": "10.13-4.22.4",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql10-pltcl": "10.13-4.22.4",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql10-server": "10.13-4.22.4",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql10": "10.13-4.22.4",
"postgresql": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql10-plpython": "10.13-4.22.4"
}
]
}
SUSE:Linux Enterprise High Performance Computing 15-LTSS / postgresql10
Package
- Name
- postgresql10
- Purl
- purl:rpm/suse/postgresql10&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.13-4.22.4
Ecosystem specific
{
"binaries": [
{
"postgresql10-docs": "10.13-4.22.4",
"libpq5-32bit": "10.13-4.22.4",
"libecpg6": "10.13-4.22.4",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql10-contrib": "10.13-4.22.4",
"libpq5": "10.13-4.22.4",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql10-plperl": "10.13-4.22.4",
"postgresql10-devel": "10.13-4.22.4",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql10-pltcl": "10.13-4.22.4",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql10-server": "10.13-4.22.4",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql10": "10.13-4.22.4",
"postgresql": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql10-plpython": "10.13-4.22.4"
}
]
}
SUSE:Linux Enterprise Server 15-LTSS / postgresql
Package
- Name
- postgresql
- Purl
- purl:rpm/suse/postgresql&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed12.0.1-8.14.1
Ecosystem specific
{
"binaries": [
{
"postgresql10-docs": "10.13-4.22.4",
"libpq5-32bit": "10.13-4.22.4",
"libecpg6": "10.13-4.22.4",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql10-contrib": "10.13-4.22.4",
"libpq5": "10.13-4.22.4",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql10-plperl": "10.13-4.22.4",
"postgresql10-devel": "10.13-4.22.4",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql10-pltcl": "10.13-4.22.4",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql10-server": "10.13-4.22.4",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql10": "10.13-4.22.4",
"postgresql": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql10-plpython": "10.13-4.22.4"
}
]
}
SUSE:Linux Enterprise Server 15-LTSS / postgresql10
Package
- Name
- postgresql10
- Purl
- purl:rpm/suse/postgresql10&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.13-4.22.4
Ecosystem specific
{
"binaries": [
{
"postgresql10-docs": "10.13-4.22.4",
"libpq5-32bit": "10.13-4.22.4",
"libecpg6": "10.13-4.22.4",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql10-contrib": "10.13-4.22.4",
"libpq5": "10.13-4.22.4",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql10-plperl": "10.13-4.22.4",
"postgresql10-devel": "10.13-4.22.4",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql10-pltcl": "10.13-4.22.4",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql10-server": "10.13-4.22.4",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql10": "10.13-4.22.4",
"postgresql": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql10-plpython": "10.13-4.22.4"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 15 / postgresql
Package
- Name
- postgresql
- Purl
- purl:rpm/suse/postgresql&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed12.0.1-8.14.1
Ecosystem specific
{
"binaries": [
{
"postgresql10-docs": "10.13-4.22.4",
"libpq5-32bit": "10.13-4.22.4",
"libecpg6": "10.13-4.22.4",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql10-contrib": "10.13-4.22.4",
"libpq5": "10.13-4.22.4",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql10-plperl": "10.13-4.22.4",
"postgresql10-devel": "10.13-4.22.4",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql10-pltcl": "10.13-4.22.4",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql10-server": "10.13-4.22.4",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql10": "10.13-4.22.4",
"postgresql": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql10-plpython": "10.13-4.22.4"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 15 / postgresql10
Package
- Name
- postgresql10
- Purl
- purl:rpm/suse/postgresql10&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed10.13-4.22.4
Ecosystem specific
{
"binaries": [
{
"postgresql10-docs": "10.13-4.22.4",
"libpq5-32bit": "10.13-4.22.4",
"libecpg6": "10.13-4.22.4",
"postgresql-plperl": "12.0.1-8.14.1",
"postgresql10-contrib": "10.13-4.22.4",
"libpq5": "10.13-4.22.4",
"postgresql-devel": "12.0.1-8.14.1",
"postgresql-pltcl": "12.0.1-8.14.1",
"postgresql10-plperl": "10.13-4.22.4",
"postgresql10-devel": "10.13-4.22.4",
"postgresql-docs": "12.0.1-8.14.1",
"postgresql10-pltcl": "10.13-4.22.4",
"postgresql-plpython": "12.0.1-8.14.1",
"postgresql10-server": "10.13-4.22.4",
"postgresql-contrib": "12.0.1-8.14.1",
"postgresql10": "10.13-4.22.4",
"postgresql": "12.0.1-8.14.1",
"postgresql-server": "12.0.1-8.14.1",
"postgresql10-plpython": "10.13-4.22.4"
}
]
}