SUSE-RU-2020:1280-1

Source
https://www.suse.com/support/update/announcement/2020/suse-ru-20201280-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:1280-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-RU-2020:1280-1
Related
Published
2020-05-14T12:28:08Z
Modified
2020-05-14T12:28:08Z
Summary
Recommended update for postgresql, postgresql10, postgresql12
Details

This update for postgresql, postgresql10, postgresql12 fixes the following issues:

Changes in the postgresql wrapper package:

  • Sync ownership of /run/postgresql in the file list with tmpfiles.
  • Use the correct content for .bash_profile (bsc#1153168).
  • Stop shipping SUSEfirewall2 config files (bsc#1151591).
  • Use /run/postgresql instead of /var/run/postgresql in %ghost and postgresql-tmpfiles.conf to avoid rpmlint warnings and errors.
  • add /var/run/postgresql to the filelist. as %ghost for systemd systems and directly for non systemd systems

Changes in postgresql10:

  • packaging changed to no longer build the libraries, these now come from postgresql12.

Changes in postgresql12:

Initial package for the postgresql 12 branch

https://www.postgresql.org/about/news/1976/

  • Update to 12.2 (CVE-2020-1720) https://www.postgresql.org/about/news/2011/ https://www.postgresql.org/docs/12/release-12-2.html

  • Avoid the dependency from the devel package to the main package. devel packages are exclusive, thus ecpg does not require update-alternatives.

  • Remove unused build dependencies from the client libs package: LVM, icu, selinux, systemd.

  • Update to 12.1

    https://www.postgresql.org/docs/12/release-12-1.html https://www.postgresql.org/about/news/1994/

  • add requires to the server-devel package for the libs that are returned by pg_config --libs

python-psycopg2 was updated to 2.8.4 to allow working with postgresql12.

References

Affected packages

SUSE:Linux Enterprise Module for Basesystem 15 SP1 / postgresql

Package

Name
postgresql
Purl
purl:rpm/suse/postgresql&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12-8.11.3

Ecosystem specific

{
    "binaries": [
        {
            "libpq5": "12.2-3.5.2",
            "postgresql": "12-8.11.3",
            "python3-psycopg2": "2.8.4-5.4.6",
            "postgresql10": "10.12-8.13.10",
            "postgresql12": "12.2-3.5.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP1 / postgresql10

Package

Name
postgresql10
Purl
purl:rpm/suse/postgresql10&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.12-8.13.9

Ecosystem specific

{
    "binaries": [
        {
            "libpq5": "12.2-3.5.2",
            "postgresql": "12-8.11.3",
            "python3-psycopg2": "2.8.4-5.4.6",
            "postgresql10": "10.12-8.13.10",
            "postgresql12": "12.2-3.5.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP1 / postgresql12

Package

Name
postgresql12
Purl
purl:rpm/suse/postgresql12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.2-3.5.2

Ecosystem specific

{
    "binaries": [
        {
            "libpq5": "12.2-3.5.2",
            "postgresql": "12-8.11.3",
            "python3-psycopg2": "2.8.4-5.4.6",
            "postgresql10": "10.12-8.13.10",
            "postgresql12": "12.2-3.5.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP1 / postgresql12-libs

Package

Name
postgresql12-libs
Purl
purl:rpm/suse/postgresql12-libs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.2-3.5.2

Ecosystem specific

{
    "binaries": [
        {
            "libpq5": "12.2-3.5.2",
            "postgresql": "12-8.11.3",
            "python3-psycopg2": "2.8.4-5.4.6",
            "postgresql10": "10.12-8.13.10",
            "postgresql12": "12.2-3.5.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP1 / python-psycopg2

Package

Name
python-psycopg2
Purl
purl:rpm/suse/python-psycopg2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.8.4-5.4.6

Ecosystem specific

{
    "binaries": [
        {
            "libpq5": "12.2-3.5.2",
            "postgresql": "12-8.11.3",
            "python3-psycopg2": "2.8.4-5.4.6",
            "postgresql10": "10.12-8.13.10",
            "postgresql12": "12.2-3.5.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Server Applications 15 SP1 / postgresql

Package

Name
postgresql
Purl
purl:rpm/suse/postgresql&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12-8.11.3

Ecosystem specific

{
    "binaries": [
        {
            "postgresql10-docs": "10.12-8.13.10",
            "postgresql12-docs": "12.2-3.5.2",
            "postgresql-plperl": "12-8.11.3",
            "libecpg6": "12.2-3.5.2",
            "postgresql10-contrib": "10.12-8.13.10",
            "postgresql12-plperl": "12.2-3.5.2",
            "postgresql12-plpython": "12.2-3.5.2",
            "postgresql12-contrib": "12.2-3.5.2",
            "postgresql-devel": "12-8.11.3",
            "postgresql-pltcl": "12-8.11.3",
            "postgresql10-plperl": "10.12-8.13.10",
            "postgresql12-devel": "12.2-3.5.2",
            "postgresql10-devel": "10.12-8.13.9",
            "postgresql-docs": "12-8.11.3",
            "postgresql10-pltcl": "10.12-8.13.10",
            "postgresql-plpython": "12-8.11.3",
            "postgresql10-server": "10.12-8.13.10",
            "postgresql12-pltcl": "12.2-3.5.2",
            "postgresql12-server": "12.2-3.5.2",
            "postgresql-contrib": "12-8.11.3",
            "postgresql-server-devel": "12-8.11.3",
            "postgresql-server": "12-8.11.3",
            "postgresql10-plpython": "10.12-8.13.10",
            "postgresql12-server-devel": "12.2-3.5.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Server Applications 15 SP1 / postgresql10

Package

Name
postgresql10
Purl
purl:rpm/suse/postgresql10&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.12-8.13.9

Ecosystem specific

{
    "binaries": [
        {
            "postgresql10-docs": "10.12-8.13.10",
            "postgresql12-docs": "12.2-3.5.2",
            "postgresql-plperl": "12-8.11.3",
            "libecpg6": "12.2-3.5.2",
            "postgresql10-contrib": "10.12-8.13.10",
            "postgresql12-plperl": "12.2-3.5.2",
            "postgresql12-plpython": "12.2-3.5.2",
            "postgresql12-contrib": "12.2-3.5.2",
            "postgresql-devel": "12-8.11.3",
            "postgresql-pltcl": "12-8.11.3",
            "postgresql10-plperl": "10.12-8.13.10",
            "postgresql12-devel": "12.2-3.5.2",
            "postgresql10-devel": "10.12-8.13.9",
            "postgresql-docs": "12-8.11.3",
            "postgresql10-pltcl": "10.12-8.13.10",
            "postgresql-plpython": "12-8.11.3",
            "postgresql10-server": "10.12-8.13.10",
            "postgresql12-pltcl": "12.2-3.5.2",
            "postgresql12-server": "12.2-3.5.2",
            "postgresql-contrib": "12-8.11.3",
            "postgresql-server-devel": "12-8.11.3",
            "postgresql-server": "12-8.11.3",
            "postgresql10-plpython": "10.12-8.13.10",
            "postgresql12-server-devel": "12.2-3.5.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Server Applications 15 SP1 / postgresql12

Package

Name
postgresql12
Purl
purl:rpm/suse/postgresql12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.2-3.5.2

Ecosystem specific

{
    "binaries": [
        {
            "postgresql10-docs": "10.12-8.13.10",
            "postgresql12-docs": "12.2-3.5.2",
            "postgresql-plperl": "12-8.11.3",
            "libecpg6": "12.2-3.5.2",
            "postgresql10-contrib": "10.12-8.13.10",
            "postgresql12-plperl": "12.2-3.5.2",
            "postgresql12-plpython": "12.2-3.5.2",
            "postgresql12-contrib": "12.2-3.5.2",
            "postgresql-devel": "12-8.11.3",
            "postgresql-pltcl": "12-8.11.3",
            "postgresql10-plperl": "10.12-8.13.10",
            "postgresql12-devel": "12.2-3.5.2",
            "postgresql10-devel": "10.12-8.13.9",
            "postgresql-docs": "12-8.11.3",
            "postgresql10-pltcl": "10.12-8.13.10",
            "postgresql-plpython": "12-8.11.3",
            "postgresql10-server": "10.12-8.13.10",
            "postgresql12-pltcl": "12.2-3.5.2",
            "postgresql12-server": "12.2-3.5.2",
            "postgresql-contrib": "12-8.11.3",
            "postgresql-server-devel": "12-8.11.3",
            "postgresql-server": "12-8.11.3",
            "postgresql10-plpython": "10.12-8.13.10",
            "postgresql12-server-devel": "12.2-3.5.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Server Applications 15 SP1 / postgresql12-libs

Package

Name
postgresql12-libs
Purl
purl:rpm/suse/postgresql12-libs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
12.2-3.5.2

Ecosystem specific

{
    "binaries": [
        {
            "postgresql10-docs": "10.12-8.13.10",
            "postgresql12-docs": "12.2-3.5.2",
            "postgresql-plperl": "12-8.11.3",
            "libecpg6": "12.2-3.5.2",
            "postgresql10-contrib": "10.12-8.13.10",
            "postgresql12-plperl": "12.2-3.5.2",
            "postgresql12-plpython": "12.2-3.5.2",
            "postgresql12-contrib": "12.2-3.5.2",
            "postgresql-devel": "12-8.11.3",
            "postgresql-pltcl": "12-8.11.3",
            "postgresql10-plperl": "10.12-8.13.10",
            "postgresql12-devel": "12.2-3.5.2",
            "postgresql10-devel": "10.12-8.13.9",
            "postgresql-docs": "12-8.11.3",
            "postgresql10-pltcl": "10.12-8.13.10",
            "postgresql-plpython": "12-8.11.3",
            "postgresql10-server": "10.12-8.13.10",
            "postgresql12-pltcl": "12.2-3.5.2",
            "postgresql12-server": "12.2-3.5.2",
            "postgresql-contrib": "12-8.11.3",
            "postgresql-server-devel": "12-8.11.3",
            "postgresql-server": "12-8.11.3",
            "postgresql10-plpython": "10.12-8.13.10",
            "postgresql12-server-devel": "12.2-3.5.2"
        }
    ]
}