CVE-2024-4317
OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql12?expand=0&rev=100
This commit is contained in:
parent
76fc3dce47
commit
481e8e504e
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a
|
|
||||||
size 21208935
|
|
@ -1 +0,0 @@
|
|||||||
4f9919725d941ce9868e07fe1ed1d3a86748599b483386547583928b74c3918a postgresql-12.18.tar.bz2
|
|
3
postgresql-12.19.tar.bz2
Normal file
3
postgresql-12.19.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:617e3de52c22e822f4f57d01d5b2240503e198a9eccaf598a851109bd18e6fbb
|
||||||
|
size 21218699
|
1
postgresql-12.19.tar.bz2.sha256
Normal file
1
postgresql-12.19.tar.bz2.sha256
Normal file
@ -0,0 +1 @@
|
|||||||
|
617e3de52c22e822f4f57d01d5b2240503e198a9eccaf598a851109bd18e6fbb postgresql-12.19.tar.bz2
|
@ -1,3 +1,28 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu May 9 14:09:31 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
||||||
|
|
||||||
|
- Upgrade to 12.19:
|
||||||
|
CVE-2024-4317: Restrict visibility of pg_stats_ext and
|
||||||
|
pg_stats_ext_exprs entries to the table owner
|
||||||
|
|
||||||
|
Missing authorization in PostgreSQL built-in views pg_stats_ext
|
||||||
|
and pg_stats_ext_exprs allows an unprivileged database user to
|
||||||
|
read most common values and other statistics from CREATE
|
||||||
|
STATISTICS commands of other users. The most common values may
|
||||||
|
reveal column values the eavesdropper could not otherwise read or
|
||||||
|
results of functions they cannot execute.
|
||||||
|
|
||||||
|
This fix only fixes fresh PostgreSQL installations, namely those
|
||||||
|
that are created with the initdb utility after this fix is
|
||||||
|
applied. If you have a current PostgreSQL installation and are
|
||||||
|
concerned about this issue, please follow the instructions in the
|
||||||
|
"Updating" section on this link:
|
||||||
|
https://www.postgresql.org/about/news/postgresql-163-157-1412-1315-and-1219-released-2858/
|
||||||
|
|
||||||
|
The SQL file is in /usr/share/postgresql12/fix-CVE-2024-4317.sql
|
||||||
|
|
||||||
|
https://www.postgresql.org/docs/release/12.19/
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed May 1 15:24:39 UTC 2024 - Aaron Puchert <aaronpuchert@alice-dsl.net>
|
Wed May 1 15:24:39 UTC 2024 - Aaron Puchert <aaronpuchert@alice-dsl.net>
|
||||||
|
|
||||||
|
@ -16,7 +16,7 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
%define pgversion 12.18
|
%define pgversion 12.19
|
||||||
%define pgmajor 12
|
%define pgmajor 12
|
||||||
%define buildlibs 0
|
%define buildlibs 0
|
||||||
%define tarversion %{pgversion}
|
%define tarversion %{pgversion}
|
||||||
|
Loading…
Reference in New Issue
Block a user