SUSE-SU-2024:2262-3

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:2262-3.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2024:2262-3

Related

CVE-2024-4317

Published

2024-07-31T08:31:24Z

Modified

2024-07-31T08:31:24Z

Summary

Security update for postgresql14

Details

This update for postgresql14 fixes the following issues:

Upgrade to 14.12 (bsc#1224051):
CVE-2024-4317: Restrict visibility of pgstatsext and pgstatsext_exprs entries to the table owner. See release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038)

References

Affected packages

SUSE:Linux Enterprise Module for Legacy 15 SP6 / postgresql14

Package

Name: postgresql14
Purl: purl:rpm/suse/postgresql14&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

14.12-150600.16.3.1

Ecosystem specific

{
    "binaries": [
        {
            "postgresql14-docs": "14.12-150600.16.3.1",
            "postgresql14-contrib": "14.12-150600.16.3.1",
            "postgresql14-devel": "14.12-150600.16.3.1",
            "postgresql14-server-devel": "14.12-150600.16.3.1",
            "postgresql14-plpython": "14.12-150600.16.3.1",
            "postgresql14": "14.12-150600.16.3.1",
            "postgresql14-plperl": "14.12-150600.16.3.1",
            "postgresql14-pltcl": "14.12-150600.16.3.1",
            "postgresql14-server": "14.12-150600.16.3.1"
        }
    ]
}