SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2021-543

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2021-543

Security update for postgresql13

Type: security

Severity: moderate

Issued: 2021-02-22

Description:

This update for postgresql13 fixes the following issues:

Upgrade to version 13.2:

  * Updating stored views and reindexing might be needed after applying this update.
  * CVE-2021-3393, bsc#1182040: Fix information leakage in constraint-violation error messages.
  * CVE-2021-20229, bsc#1182039: Fix failure to check per-column SELECT privileges in some join queries.

References

CVE: CVE-2021-3393
CVE: CVE-2021-20229
Bugzilla: 1182040 VUL-1: CVE-2021-3393: EMBARGOED: postgresql91,postgresql94,postgresql12,postgresql13,postgresql96,postgresql10: Fix information leakage in constraint-violation error messages
Bugzilla: 1182039 VUL-1: CVE-2021-20229: EMBARGOED: postgresql10,postgresql13,postgresql91,postgresql96,postgresql94,postgresql12: Fix failure to check per-column SELECT privileges in some join queries
Bugzilla: 1179765 [rpm4.16] postgresql fails with fixed brp-check-suse

Packages

postgresql13-13.2-5.6.1