Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
patchinfo.1326
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.1326
<patchinfo incident="1326"> <category>security</category> <rating>moderate</rating> <packager>msmeissn</packager> <summary>Security update for postgresql93</summary> <description> The PostreSQL database postgresql93 was updated to the bugfix release 9.3.10: Security issues fixed: - CVE-2015-5289, bsc#949670: json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service. - CVE-2015-5288, bsc#949669: The crypt() function included with the optional pgCrypto extension could be exploited to read a few additional bytes of memory. No working exploit for this issue has been developed. For the full release notes, see: http://www.postgresql.org/docs/current/static/release-9-3-10.html Other bugs fixed: * Move systemd related stuff and user creation to postgresql-init. * Remove some obsolete %suse_version conditionals. * Relax dependency on libpq to major version. * Fix possible failure to recover from an inconsistent database state. See full release notes for details. * Fix rare failure to invalidate relation cache init file. * Avoid deadlock between incoming sessions and CREATE/DROP DATABASE. * Improve planner's cost estimates for semi-joins and anti-joins with inner indexscans * For the full release notes for 9.3.9 see: http://www.postgresql.org/docs/9.3/static/release-9-3-9.html </description> <issue tracker="cve" id="CVE-2015-5288"/> <issue tracker="cve" id="CVE-2015-5289"/> <issue tracker="bnc" id="949669">VUL-0: CVE-2015-5288: postgresql: Memory leak in crypt() function</issue> <issue tracker="bnc" id="949670">VUL-0: CVE-2015-5289: postgresql: Unchecked JSON input can crash the server</issue> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor