Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2014-0067
Vulnerability from cvelistv5
Published
2014-03-28 17:00
Modified
2024-08-06 09:05
Severity ?
EPSS score ?
Summary
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T09:05:38.915Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.postgresql.org/wiki/20140220securityrelease", }, { name: "DSA-2864", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2864", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.postgresql.org/about/news/1506/", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "DSA-2865", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2865", }, { name: "openSUSE-SU-2014:0345", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html", }, { name: "65721", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/65721", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT205031", }, { name: "APPLE-SA-2015-09-16-4", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", }, { name: "openSUSE-SU-2014:0368", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205219", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-02-20T00:00:00", descriptions: [ { lang: "en", value: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-15T20:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.postgresql.org/wiki/20140220securityrelease", }, { name: "DSA-2864", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2864", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.postgresql.org/about/news/1506/", }, { name: "APPLE-SA-2015-08-13-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "DSA-2865", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2865", }, { name: "openSUSE-SU-2014:0345", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html", }, { name: "65721", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/65721", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT205031", }, { name: "APPLE-SA-2015-09-16-4", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", }, { name: "openSUSE-SU-2014:0368", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205219", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2014-0067", datePublished: "2014-03-28T17:00:00", dateReserved: "2013-12-03T00:00:00", dateUpdated: "2024-08-06T09:05:38.915Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2014-0067\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-03-31T14:58:15.787\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The \\\"make check\\\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.\"},{\"lang\":\"es\",\"value\":\"El comando \\\"make check\\\" para los suites de prueba en PostgreSQL 9.3.3 y anteriores no invoca debidamente initdb para especificar los requisitos de autenticación para un cluster de base de datos utilizado para las pruebas, lo que permite a usuarios locales ganar privilegios mediante el aprovechamiento de acceso a este cluster.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B0A12E-E122-4189-A05E-4FEA43C19876\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:5.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ACDF399-AE56-4130-8686-F8E4C9014DD9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.4.19\",\"matchCriteriaId\":\"140CD969-F690-4776-8761-1868D9032766\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C991F71-1E27-47A6-97DC-424FC3EF6011\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5740C7AA-1772-41D8-9851-3E3669CD8521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"970338CD-A680-4DD0-BD27-459B0DDA4002\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A99C579D-44C0-40A4-A4EB-CBCF40D0C2FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E9E57FA-5EAE-4698-992D-146C6310E0B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C66CDEC1-FB2E-49B7-A8BE-38E43C8ED652\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87DF2937-9C51-4768-BAB1-901BCA636ADD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"515C0ECD-2D95-4B6E-8E2F-DAF94E4A310F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA0EB754-7A71-40FA-9EAD-44914EB758C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1089D316-D5A3-4F2D-9E52-57FD626A1D06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F17D9158-E85A-4436-9180-E8546CF8F290\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64CBBE6E-8FDA-46AD-96A9-8C6CFFE97ABC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7A0D13E-6B06-42E9-BEB9-C8FCC3A4E2ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB79FB06-4712-4DE8-8C0B-5CEE8530828D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7054A3D4-8C52-4636-B135-1078B8DF1D5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6763B2A-00C4-4AAB-8769-9AAEE4BAA603\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5618200C-91E9-4501-8585-039A4629E072\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:8.4.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DD7B25B-F29A-4B73-B63B-F00DD9E9BC84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DD4DE67-9E3C-4F79-8AAB-344C1C46C618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCB718D2-97AA-4D61-AA4B-2216EEF55F67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"605C06BF-54A0-40F8-A01E-8641B4A83035\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F1F5B75-78D5-408E-8148-CA23DCED9CBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88DE8C27-0E0A-4428-B25D-054D4FC6FEA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F609DDE4-0858-4F83-B8E6-7870196E21CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"349F02AF-013E-4264-9717-010293A3D6E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"047926F2-846A-4870-9640-9A4F2804D71B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB0165D8-0BFA-4D46-95A3-45A03DC086FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D6CF6A0-43DC-4C64-A3C4-01EB36F6672B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E8251C0-9CAE-4608-BC11-75646A601408\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC024E5D-122D-4E3D-AD24-759AB5940F20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"723336B5-405A-4236-A507-2C26E591CF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C9E11A8-2B28-4A6B-BC04-4C556CFA2B56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32EF44F0-183E-4375-849A-2E6CD65D395F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"380657D1-F847-4D71-B0C7-D055117E49E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4796DBEC-FF4F-4749-90D5-AD83D8B5E086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79108278-D644-4506-BD9C-F464C6E817B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10CF0AA0-41CD-4D50-BA7A-BF8846115C95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"965E1A9D-BB23-4C0B-A9CA-54A1855055B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1F37C66-0AFE-4D59-8867-BDBCE656774E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CE53AE6-232C-4068-98D1-7749007C3CFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFD38139-FD17-41E7-8D10-7731D8203CFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC0B41F-38FF-4D41-9E31-D666A84BB2FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A591CB08-5CEB-45EB-876F-417DCD60AF53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0B79735-4CF5-4038-9FC4-12A58790B15A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A74DAF9-516D-44BC-B09A-73395EF72873\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B58318BE-FB71-4183-A1F4-5FD207885A89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD27648F-E2FF-4779-97F9-2632DCC6B16D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEFB4916-8B59-4534-804C-CF9DA1B18508\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3413A3AB-45A3-48E1-9B30-1194C4E7D49D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5760CE83-4802-42A0-9338-E1E634882450\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B41009E-4028-4D82-B8D0-8B949EDC0A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"832F3EBE-A92C-4FB3-BF3C-0E7B750F966B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1571EE80-55A6-4F91-909B-C46BA19EC76F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B890251-95EB-44F3-A6A7-F718F3C807B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2E5BD02-8C3D-4687-88DE-1C00366270E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"709F5DF9-9F3A-42C3-890B-521B13118C0E\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.postgresql.org/wiki/20140220securityrelease\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-2864\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2014/dsa-2865\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.postgresql.org/about/news/1506/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/65721\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/HT205219\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.postgresql.org/wiki/20140220securityrelease\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-2864\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2014/dsa-2865\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.postgresql.org/about/news/1506/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/65721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT205219\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/kb/HT205031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
fkie_cve-2014-0067
Vulnerability from fkie_nvd
Published
2014-03-31 14:58
Modified
2025-04-12 10:46
Severity ?
Summary
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*", matchCriteriaId: "E8B0A12E-E122-4189-A05E-4FEA43C19876", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x_server:5.0.3:*:*:*:*:*:*:*", matchCriteriaId: "8ACDF399-AE56-4130-8686-F8E4C9014DD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", matchCriteriaId: "140CD969-F690-4776-8761-1868D9032766", versionEndIncluding: "8.4.19", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*", matchCriteriaId: "5C991F71-1E27-47A6-97DC-424FC3EF6011", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*", matchCriteriaId: "5740C7AA-1772-41D8-9851-3E3669CD8521", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*", matchCriteriaId: "970338CD-A680-4DD0-BD27-459B0DDA4002", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A99C579D-44C0-40A4-A4EB-CBCF40D0C2FA", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*", matchCriteriaId: "3E9E57FA-5EAE-4698-992D-146C6310E0B8", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*", matchCriteriaId: "C66CDEC1-FB2E-49B7-A8BE-38E43C8ED652", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*", matchCriteriaId: "87DF2937-9C51-4768-BAB1-901BCA636ADD", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*", matchCriteriaId: "515C0ECD-2D95-4B6E-8E2F-DAF94E4A310F", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*", matchCriteriaId: "EA0EB754-7A71-40FA-9EAD-44914EB758C3", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*", matchCriteriaId: "1089D316-D5A3-4F2D-9E52-57FD626A1D06", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.11:*:*:*:*:*:*:*", matchCriteriaId: "F17D9158-E85A-4436-9180-E8546CF8F290", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.12:*:*:*:*:*:*:*", matchCriteriaId: "64CBBE6E-8FDA-46AD-96A9-8C6CFFE97ABC", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.13:*:*:*:*:*:*:*", matchCriteriaId: "C7A0D13E-6B06-42E9-BEB9-C8FCC3A4E2ED", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.14:*:*:*:*:*:*:*", matchCriteriaId: "AB79FB06-4712-4DE8-8C0B-5CEE8530828D", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.15:*:*:*:*:*:*:*", matchCriteriaId: "7054A3D4-8C52-4636-B135-1078B8DF1D5D", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.16:*:*:*:*:*:*:*", matchCriteriaId: "A6763B2A-00C4-4AAB-8769-9AAEE4BAA603", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.17:*:*:*:*:*:*:*", matchCriteriaId: "5618200C-91E9-4501-8585-039A4629E072", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:8.4.18:*:*:*:*:*:*:*", matchCriteriaId: "5DD7B25B-F29A-4B73-B63B-F00DD9E9BC84", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*", matchCriteriaId: "2DD4DE67-9E3C-4F79-8AAB-344C1C46C618", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CCB718D2-97AA-4D61-AA4B-2216EEF55F67", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*", matchCriteriaId: "605C06BF-54A0-40F8-A01E-8641B4A83035", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*", matchCriteriaId: "1F1F5B75-78D5-408E-8148-CA23DCED9CBB", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*", matchCriteriaId: "88DE8C27-0E0A-4428-B25D-054D4FC6FEA8", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*", matchCriteriaId: "F609DDE4-0858-4F83-B8E6-7870196E21CB", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*", matchCriteriaId: "349F02AF-013E-4264-9717-010293A3D6E4", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.7:*:*:*:*:*:*:*", matchCriteriaId: "047926F2-846A-4870-9640-9A4F2804D71B", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.8:*:*:*:*:*:*:*", matchCriteriaId: "BB0165D8-0BFA-4D46-95A3-45A03DC086FB", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.9:*:*:*:*:*:*:*", matchCriteriaId: "1D6CF6A0-43DC-4C64-A3C4-01EB36F6672B", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.10:*:*:*:*:*:*:*", matchCriteriaId: "1E8251C0-9CAE-4608-BC11-75646A601408", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.11:*:*:*:*:*:*:*", matchCriteriaId: "AC024E5D-122D-4E3D-AD24-759AB5940F20", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.12:*:*:*:*:*:*:*", matchCriteriaId: "723336B5-405A-4236-A507-2C26E591CF49", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.13:*:*:*:*:*:*:*", matchCriteriaId: "7C9E11A8-2B28-4A6B-BC04-4C556CFA2B56", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.14:*:*:*:*:*:*:*", matchCriteriaId: "32EF44F0-183E-4375-849A-2E6CD65D395F", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.0.15:*:*:*:*:*:*:*", matchCriteriaId: "380657D1-F847-4D71-B0C7-D055117E49E7", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*", matchCriteriaId: "4796DBEC-FF4F-4749-90D5-AD83D8B5E086", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*", matchCriteriaId: "79108278-D644-4506-BD9C-F464C6E817B7", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*", matchCriteriaId: "10CF0AA0-41CD-4D50-BA7A-BF8846115C95", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*", matchCriteriaId: "965E1A9D-BB23-4C0B-A9CA-54A1855055B1", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*", matchCriteriaId: "A1F37C66-0AFE-4D59-8867-BDBCE656774E", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*", matchCriteriaId: "5CE53AE6-232C-4068-98D1-7749007C3CFD", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.6:*:*:*:*:*:*:*", matchCriteriaId: "FFD38139-FD17-41E7-8D10-7731D8203CFC", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:*", matchCriteriaId: "CCC0B41F-38FF-4D41-9E31-D666A84BB2FC", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:*", matchCriteriaId: "A591CB08-5CEB-45EB-876F-417DCD60AF53", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.9:*:*:*:*:*:*:*", matchCriteriaId: "E0B79735-4CF5-4038-9FC4-12A58790B15A", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.10:*:*:*:*:*:*:*", matchCriteriaId: "0A74DAF9-516D-44BC-B09A-73395EF72873", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.1.11:*:*:*:*:*:*:*", matchCriteriaId: "B58318BE-FB71-4183-A1F4-5FD207885A89", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*", matchCriteriaId: "AD27648F-E2FF-4779-97F9-2632DCC6B16D", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*", matchCriteriaId: "CEFB4916-8B59-4534-804C-CF9DA1B18508", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*", matchCriteriaId: "3413A3AB-45A3-48E1-9B30-1194C4E7D49D", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5760CE83-4802-42A0-9338-E1E634882450", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:*", matchCriteriaId: "6B41009E-4028-4D82-B8D0-8B949EDC0A68", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:*", matchCriteriaId: "832F3EBE-A92C-4FB3-BF3C-0E7B750F966B", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:*", matchCriteriaId: "1571EE80-55A6-4F91-909B-C46BA19EC76F", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*", matchCriteriaId: "5B890251-95EB-44F3-A6A7-F718F3C807B0", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*", matchCriteriaId: "D2E5BD02-8C3D-4687-88DE-1C00366270E7", vulnerable: true, }, { criteria: "cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*", matchCriteriaId: "709F5DF9-9F3A-42C3-890B-521B13118C0E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", }, { lang: "es", value: "El comando \"make check\" para los suites de prueba en PostgreSQL 9.3.3 y anteriores no invoca debidamente initdb para especificar los requisitos de autenticación para un cluster de base de datos utilizado para las pruebas, lo que permite a usuarios locales ganar privilegios mediante el aprovechamiento de acceso a este cluster.", }, ], id: "CVE-2014-0067", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-03-31T14:58:15.787", references: [ { source: "secalert@redhat.com", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "secalert@redhat.com", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://wiki.postgresql.org/wiki/20140220securityrelease", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2014/dsa-2864", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2014/dsa-2865", }, { source: "secalert@redhat.com", url: "http://www.postgresql.org/about/news/1506/", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/65721", }, { source: "secalert@redhat.com", url: "https://support.apple.com/HT205219", }, { source: "secalert@redhat.com", url: "https://support.apple.com/kb/HT205031", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://wiki.postgresql.org/wiki/20140220securityrelease", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-2864", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-2865", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.postgresql.org/about/news/1506/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/65721", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/HT205219", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.apple.com/kb/HT205031", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
opensuse-su-2024:10030-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
postgresql94-9.4.10-1.1 on GA media
Notes
Title of the patch
postgresql94-9.4.10-1.1 on GA media
Description of the patch
These are all security issues fixed in the postgresql94-9.4.10-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10030
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "postgresql94-9.4.10-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the postgresql94-9.4.10-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10030", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10030-1.json", }, { category: "self", summary: "SUSE CVE CVE-2007-4772 page", url: "https://www.suse.com/security/cve/CVE-2007-4772/", }, { category: "self", summary: "SUSE CVE CVE-2007-6600 page", url: "https://www.suse.com/security/cve/CVE-2007-6600/", }, { category: "self", summary: "SUSE CVE CVE-2009-4034 page", url: "https://www.suse.com/security/cve/CVE-2009-4034/", }, { category: "self", summary: "SUSE CVE CVE-2009-4136 page", url: "https://www.suse.com/security/cve/CVE-2009-4136/", }, { category: "self", summary: "SUSE CVE CVE-2010-1169 page", url: "https://www.suse.com/security/cve/CVE-2010-1169/", }, { category: "self", summary: "SUSE CVE CVE-2010-1170 page", url: "https://www.suse.com/security/cve/CVE-2010-1170/", }, { category: "self", summary: "SUSE CVE CVE-2010-3433 page", url: "https://www.suse.com/security/cve/CVE-2010-3433/", }, { category: "self", summary: "SUSE CVE CVE-2012-0866 page", url: "https://www.suse.com/security/cve/CVE-2012-0866/", }, { category: "self", summary: "SUSE CVE CVE-2012-0867 page", url: "https://www.suse.com/security/cve/CVE-2012-0867/", }, { category: "self", summary: "SUSE CVE CVE-2012-0868 page", url: "https://www.suse.com/security/cve/CVE-2012-0868/", }, { category: "self", summary: "SUSE CVE CVE-2012-2143 page", url: "https://www.suse.com/security/cve/CVE-2012-2143/", }, { category: "self", summary: "SUSE CVE CVE-2012-2655 page", url: "https://www.suse.com/security/cve/CVE-2012-2655/", }, { category: "self", summary: "SUSE CVE CVE-2012-3488 page", url: "https://www.suse.com/security/cve/CVE-2012-3488/", }, { category: "self", summary: "SUSE CVE CVE-2012-3489 page", url: "https://www.suse.com/security/cve/CVE-2012-3489/", }, { category: "self", summary: "SUSE CVE CVE-2013-0255 page", url: "https://www.suse.com/security/cve/CVE-2013-0255/", }, { category: "self", summary: "SUSE CVE CVE-2013-1899 page", url: "https://www.suse.com/security/cve/CVE-2013-1899/", }, { category: "self", summary: "SUSE CVE CVE-2013-1900 page", url: "https://www.suse.com/security/cve/CVE-2013-1900/", }, { category: "self", summary: "SUSE CVE CVE-2013-1901 page", url: "https://www.suse.com/security/cve/CVE-2013-1901/", }, { category: "self", summary: "SUSE CVE CVE-2014-0060 page", url: "https://www.suse.com/security/cve/CVE-2014-0060/", }, { category: "self", summary: "SUSE CVE CVE-2014-0061 page", url: "https://www.suse.com/security/cve/CVE-2014-0061/", }, { category: "self", summary: "SUSE CVE CVE-2014-0062 page", url: "https://www.suse.com/security/cve/CVE-2014-0062/", }, { category: "self", summary: "SUSE CVE CVE-2014-0063 page", url: "https://www.suse.com/security/cve/CVE-2014-0063/", }, { category: "self", summary: "SUSE CVE CVE-2014-0064 page", url: "https://www.suse.com/security/cve/CVE-2014-0064/", }, { category: "self", summary: "SUSE CVE CVE-2014-0065 page", url: "https://www.suse.com/security/cve/CVE-2014-0065/", }, { category: "self", summary: "SUSE CVE CVE-2014-0066 page", url: "https://www.suse.com/security/cve/CVE-2014-0066/", }, { category: "self", summary: "SUSE CVE CVE-2014-0067 page", url: "https://www.suse.com/security/cve/CVE-2014-0067/", }, { category: "self", summary: "SUSE CVE CVE-2015-3165 page", url: "https://www.suse.com/security/cve/CVE-2015-3165/", }, { category: "self", summary: "SUSE CVE CVE-2015-3166 page", url: "https://www.suse.com/security/cve/CVE-2015-3166/", }, { category: "self", summary: "SUSE CVE CVE-2015-3167 page", url: "https://www.suse.com/security/cve/CVE-2015-3167/", }, { category: "self", summary: "SUSE CVE CVE-2015-5288 page", url: "https://www.suse.com/security/cve/CVE-2015-5288/", }, { category: "self", summary: "SUSE CVE CVE-2015-5289 page", url: "https://www.suse.com/security/cve/CVE-2015-5289/", }, { category: "self", summary: "SUSE CVE CVE-2016-0766 page", url: "https://www.suse.com/security/cve/CVE-2016-0766/", }, { category: "self", summary: "SUSE CVE CVE-2016-0773 page", url: "https://www.suse.com/security/cve/CVE-2016-0773/", }, { category: "self", summary: "SUSE CVE CVE-2016-5423 page", url: "https://www.suse.com/security/cve/CVE-2016-5423/", }, { category: "self", summary: "SUSE CVE CVE-2016-5424 page", url: "https://www.suse.com/security/cve/CVE-2016-5424/", }, ], title: "postgresql94-9.4.10-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10030-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "postgresql94-9.4.10-1.1.aarch64", product: { name: "postgresql94-9.4.10-1.1.aarch64", product_id: "postgresql94-9.4.10-1.1.aarch64", }, }, { category: "product_version", name: "postgresql94-contrib-9.4.10-1.1.aarch64", product: { name: "postgresql94-contrib-9.4.10-1.1.aarch64", product_id: "postgresql94-contrib-9.4.10-1.1.aarch64", }, }, { category: "product_version", name: "postgresql94-devel-9.4.10-1.1.aarch64", product: { name: "postgresql94-devel-9.4.10-1.1.aarch64", product_id: "postgresql94-devel-9.4.10-1.1.aarch64", }, }, { category: "product_version", name: "postgresql94-docs-9.4.10-1.1.aarch64", product: { name: "postgresql94-docs-9.4.10-1.1.aarch64", product_id: "postgresql94-docs-9.4.10-1.1.aarch64", }, }, { category: "product_version", name: "postgresql94-plperl-9.4.10-1.1.aarch64", product: { name: "postgresql94-plperl-9.4.10-1.1.aarch64", product_id: "postgresql94-plperl-9.4.10-1.1.aarch64", }, }, { category: "product_version", name: "postgresql94-plpython-9.4.10-1.1.aarch64", product: { name: "postgresql94-plpython-9.4.10-1.1.aarch64", product_id: "postgresql94-plpython-9.4.10-1.1.aarch64", }, }, { category: "product_version", name: "postgresql94-pltcl-9.4.10-1.1.aarch64", product: { name: "postgresql94-pltcl-9.4.10-1.1.aarch64", product_id: "postgresql94-pltcl-9.4.10-1.1.aarch64", }, }, { category: "product_version", name: "postgresql94-server-9.4.10-1.1.aarch64", product: { name: "postgresql94-server-9.4.10-1.1.aarch64", product_id: "postgresql94-server-9.4.10-1.1.aarch64", }, }, { category: "product_version", name: "postgresql94-test-9.4.10-1.1.aarch64", product: { name: "postgresql94-test-9.4.10-1.1.aarch64", product_id: "postgresql94-test-9.4.10-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "postgresql94-9.4.10-1.1.ppc64le", product: { name: "postgresql94-9.4.10-1.1.ppc64le", product_id: "postgresql94-9.4.10-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql94-contrib-9.4.10-1.1.ppc64le", product: { name: "postgresql94-contrib-9.4.10-1.1.ppc64le", product_id: "postgresql94-contrib-9.4.10-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql94-devel-9.4.10-1.1.ppc64le", product: { name: "postgresql94-devel-9.4.10-1.1.ppc64le", product_id: "postgresql94-devel-9.4.10-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql94-docs-9.4.10-1.1.ppc64le", product: { name: "postgresql94-docs-9.4.10-1.1.ppc64le", product_id: "postgresql94-docs-9.4.10-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql94-plperl-9.4.10-1.1.ppc64le", product: { name: "postgresql94-plperl-9.4.10-1.1.ppc64le", product_id: "postgresql94-plperl-9.4.10-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql94-plpython-9.4.10-1.1.ppc64le", product: { name: "postgresql94-plpython-9.4.10-1.1.ppc64le", product_id: "postgresql94-plpython-9.4.10-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql94-pltcl-9.4.10-1.1.ppc64le", product: { name: "postgresql94-pltcl-9.4.10-1.1.ppc64le", product_id: "postgresql94-pltcl-9.4.10-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql94-server-9.4.10-1.1.ppc64le", product: { name: "postgresql94-server-9.4.10-1.1.ppc64le", product_id: "postgresql94-server-9.4.10-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql94-test-9.4.10-1.1.ppc64le", product: { name: "postgresql94-test-9.4.10-1.1.ppc64le", product_id: "postgresql94-test-9.4.10-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "postgresql94-9.4.10-1.1.s390x", product: { name: "postgresql94-9.4.10-1.1.s390x", product_id: "postgresql94-9.4.10-1.1.s390x", }, }, { category: "product_version", name: "postgresql94-contrib-9.4.10-1.1.s390x", product: { name: "postgresql94-contrib-9.4.10-1.1.s390x", product_id: "postgresql94-contrib-9.4.10-1.1.s390x", }, }, { category: "product_version", name: "postgresql94-devel-9.4.10-1.1.s390x", product: { name: "postgresql94-devel-9.4.10-1.1.s390x", product_id: "postgresql94-devel-9.4.10-1.1.s390x", }, }, { category: "product_version", name: "postgresql94-docs-9.4.10-1.1.s390x", product: { name: "postgresql94-docs-9.4.10-1.1.s390x", product_id: "postgresql94-docs-9.4.10-1.1.s390x", }, }, { category: "product_version", name: "postgresql94-plperl-9.4.10-1.1.s390x", product: { name: "postgresql94-plperl-9.4.10-1.1.s390x", product_id: "postgresql94-plperl-9.4.10-1.1.s390x", }, }, { category: "product_version", name: "postgresql94-plpython-9.4.10-1.1.s390x", product: { name: "postgresql94-plpython-9.4.10-1.1.s390x", product_id: "postgresql94-plpython-9.4.10-1.1.s390x", }, }, { category: "product_version", name: "postgresql94-pltcl-9.4.10-1.1.s390x", product: { name: "postgresql94-pltcl-9.4.10-1.1.s390x", product_id: "postgresql94-pltcl-9.4.10-1.1.s390x", }, }, { category: "product_version", name: "postgresql94-server-9.4.10-1.1.s390x", product: { name: "postgresql94-server-9.4.10-1.1.s390x", product_id: "postgresql94-server-9.4.10-1.1.s390x", }, }, { category: "product_version", name: "postgresql94-test-9.4.10-1.1.s390x", product: { name: "postgresql94-test-9.4.10-1.1.s390x", product_id: "postgresql94-test-9.4.10-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "postgresql94-9.4.10-1.1.x86_64", product: { name: "postgresql94-9.4.10-1.1.x86_64", product_id: "postgresql94-9.4.10-1.1.x86_64", }, }, { category: "product_version", name: "postgresql94-contrib-9.4.10-1.1.x86_64", product: { name: "postgresql94-contrib-9.4.10-1.1.x86_64", product_id: "postgresql94-contrib-9.4.10-1.1.x86_64", }, }, { category: "product_version", name: "postgresql94-devel-9.4.10-1.1.x86_64", product: { name: "postgresql94-devel-9.4.10-1.1.x86_64", product_id: "postgresql94-devel-9.4.10-1.1.x86_64", }, }, { category: "product_version", name: "postgresql94-docs-9.4.10-1.1.x86_64", product: { name: "postgresql94-docs-9.4.10-1.1.x86_64", product_id: "postgresql94-docs-9.4.10-1.1.x86_64", }, }, { category: "product_version", name: "postgresql94-plperl-9.4.10-1.1.x86_64", product: { name: "postgresql94-plperl-9.4.10-1.1.x86_64", product_id: "postgresql94-plperl-9.4.10-1.1.x86_64", }, }, { category: "product_version", name: "postgresql94-plpython-9.4.10-1.1.x86_64", product: { name: "postgresql94-plpython-9.4.10-1.1.x86_64", product_id: "postgresql94-plpython-9.4.10-1.1.x86_64", }, }, { category: "product_version", name: "postgresql94-pltcl-9.4.10-1.1.x86_64", product: { name: "postgresql94-pltcl-9.4.10-1.1.x86_64", product_id: "postgresql94-pltcl-9.4.10-1.1.x86_64", }, }, { category: "product_version", name: "postgresql94-server-9.4.10-1.1.x86_64", product: { name: "postgresql94-server-9.4.10-1.1.x86_64", product_id: "postgresql94-server-9.4.10-1.1.x86_64", }, }, { category: "product_version", name: "postgresql94-test-9.4.10-1.1.x86_64", product: { name: "postgresql94-test-9.4.10-1.1.x86_64", product_id: "postgresql94-test-9.4.10-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "postgresql94-9.4.10-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", }, product_reference: "postgresql94-9.4.10-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-9.4.10-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", }, product_reference: "postgresql94-9.4.10-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-9.4.10-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", }, product_reference: "postgresql94-9.4.10-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-9.4.10-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", }, product_reference: "postgresql94-9.4.10-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-contrib-9.4.10-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", }, product_reference: "postgresql94-contrib-9.4.10-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-contrib-9.4.10-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", }, product_reference: "postgresql94-contrib-9.4.10-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-contrib-9.4.10-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", }, product_reference: "postgresql94-contrib-9.4.10-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-contrib-9.4.10-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", }, product_reference: "postgresql94-contrib-9.4.10-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-devel-9.4.10-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", }, product_reference: "postgresql94-devel-9.4.10-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-devel-9.4.10-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", }, product_reference: "postgresql94-devel-9.4.10-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-devel-9.4.10-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", }, product_reference: "postgresql94-devel-9.4.10-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-devel-9.4.10-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", }, product_reference: "postgresql94-devel-9.4.10-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-docs-9.4.10-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", }, product_reference: "postgresql94-docs-9.4.10-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-docs-9.4.10-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", }, product_reference: "postgresql94-docs-9.4.10-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-docs-9.4.10-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", }, product_reference: "postgresql94-docs-9.4.10-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-docs-9.4.10-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", }, product_reference: "postgresql94-docs-9.4.10-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-plperl-9.4.10-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", }, product_reference: "postgresql94-plperl-9.4.10-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-plperl-9.4.10-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", }, product_reference: "postgresql94-plperl-9.4.10-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-plperl-9.4.10-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", }, product_reference: "postgresql94-plperl-9.4.10-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-plperl-9.4.10-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", }, product_reference: "postgresql94-plperl-9.4.10-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-plpython-9.4.10-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", }, product_reference: "postgresql94-plpython-9.4.10-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-plpython-9.4.10-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", }, product_reference: "postgresql94-plpython-9.4.10-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-plpython-9.4.10-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", }, product_reference: "postgresql94-plpython-9.4.10-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-plpython-9.4.10-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", }, product_reference: "postgresql94-plpython-9.4.10-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-pltcl-9.4.10-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", }, product_reference: "postgresql94-pltcl-9.4.10-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-pltcl-9.4.10-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", }, product_reference: "postgresql94-pltcl-9.4.10-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-pltcl-9.4.10-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", }, product_reference: "postgresql94-pltcl-9.4.10-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-pltcl-9.4.10-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", }, product_reference: "postgresql94-pltcl-9.4.10-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-server-9.4.10-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", }, product_reference: "postgresql94-server-9.4.10-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-server-9.4.10-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", }, product_reference: "postgresql94-server-9.4.10-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-server-9.4.10-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", }, product_reference: "postgresql94-server-9.4.10-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-server-9.4.10-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", }, product_reference: "postgresql94-server-9.4.10-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-test-9.4.10-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", }, product_reference: "postgresql94-test-9.4.10-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-test-9.4.10-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", }, product_reference: "postgresql94-test-9.4.10-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-test-9.4.10-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", }, product_reference: "postgresql94-test-9.4.10-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql94-test-9.4.10-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", }, product_reference: "postgresql94-test-9.4.10-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2007-4772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-4772", }, ], notes: [ { category: "general", text: "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-4772", url: "https://www.suse.com/security/cve/CVE-2007-4772", }, { category: "external", summary: "SUSE Bug 329282 for CVE-2007-4772", url: "https://bugzilla.suse.com/329282", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2007-4772", }, { cve: "CVE-2007-6600", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6600", }, ], notes: [ { category: "general", text: "PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3) SET ROLE and (4) SET SESSION AUTHORIZATION within index functions, which allows remote authenticated users to gain privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6600", url: "https://www.suse.com/security/cve/CVE-2007-6600", }, { category: "external", summary: "SUSE Bug 329282 for CVE-2007-6600", url: "https://bugzilla.suse.com/329282", }, { category: "external", summary: "SUSE Bug 537706 for CVE-2007-6600", url: "https://bugzilla.suse.com/537706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-6600", }, { cve: "CVE-2009-4034", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-4034", }, ], notes: [ { category: "general", text: "PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-4034", url: "https://www.suse.com/security/cve/CVE-2009-4034", }, { category: "external", summary: "SUSE Bug 564710 for CVE-2009-4034", url: "https://bugzilla.suse.com/564710", }, { category: "external", summary: "SUSE Bug 603968 for CVE-2009-4034", url: "https://bugzilla.suse.com/603968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-4034", }, { cve: "CVE-2009-4136", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-4136", }, ], notes: [ { category: "general", text: "PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-4136", url: "https://www.suse.com/security/cve/CVE-2009-4136", }, { category: "external", summary: "SUSE Bug 564360 for CVE-2009-4136", url: "https://bugzilla.suse.com/564360", }, { category: "external", summary: "SUSE Bug 603969 for CVE-2009-4136", url: "https://bugzilla.suse.com/603969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-4136", }, { cve: "CVE-2010-1169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-1169", }, ], notes: [ { category: "general", text: "PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-1169", url: "https://www.suse.com/security/cve/CVE-2010-1169", }, { category: "external", summary: "SUSE Bug 605926 for CVE-2010-1169", url: "https://bugzilla.suse.com/605926", }, { category: "external", summary: "SUSE Bug 648140 for CVE-2010-1169", url: "https://bugzilla.suse.com/648140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2010-1169", }, { cve: "CVE-2010-1170", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-1170", }, ], notes: [ { category: "general", text: "The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-1170", url: "https://www.suse.com/security/cve/CVE-2010-1170", }, { category: "external", summary: "SUSE Bug 605845 for CVE-2010-1170", url: "https://bugzilla.suse.com/605845", }, { category: "external", summary: "SUSE Bug 605926 for CVE-2010-1170", url: "https://bugzilla.suse.com/605926", }, { category: "external", summary: "SUSE Bug 634562 for CVE-2010-1170", url: "https://bugzilla.suse.com/634562", }, { category: "external", summary: "SUSE Bug 648140 for CVE-2010-1170", url: "https://bugzilla.suse.com/648140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-1170", }, { cve: "CVE-2010-3433", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-3433", }, ], notes: [ { category: "general", text: "The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-3433", url: "https://www.suse.com/security/cve/CVE-2010-3433", }, { category: "external", summary: "SUSE Bug 643771 for CVE-2010-3433", url: "https://bugzilla.suse.com/643771", }, { category: "external", summary: "SUSE Bug 648140 for CVE-2010-3433", url: "https://bugzilla.suse.com/648140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-3433", }, { cve: "CVE-2012-0866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0866", }, ], notes: [ { category: "general", text: "CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-0866", url: "https://www.suse.com/security/cve/CVE-2012-0866", }, { category: "external", summary: "SUSE Bug 701489 for CVE-2012-0866", url: "https://bugzilla.suse.com/701489", }, { category: "external", summary: "SUSE Bug 749299 for CVE-2012-0866", url: "https://bugzilla.suse.com/749299", }, { category: "external", summary: "SUSE Bug 749301 for CVE-2012-0866", url: "https://bugzilla.suse.com/749301", }, { category: "external", summary: "SUSE Bug 749303 for CVE-2012-0866", url: "https://bugzilla.suse.com/749303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-0866", }, { cve: "CVE-2012-0867", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0867", }, ], notes: [ { category: "general", text: "PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-0867", url: "https://www.suse.com/security/cve/CVE-2012-0867", }, { category: "external", summary: "SUSE Bug 701489 for CVE-2012-0867", url: "https://bugzilla.suse.com/701489", }, { category: "external", summary: "SUSE Bug 749299 for CVE-2012-0867", url: "https://bugzilla.suse.com/749299", }, { category: "external", summary: "SUSE Bug 749301 for CVE-2012-0867", url: "https://bugzilla.suse.com/749301", }, { category: "external", summary: "SUSE Bug 749303 for CVE-2012-0867", url: "https://bugzilla.suse.com/749303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-0867", }, { cve: "CVE-2012-0868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0868", }, ], notes: [ { category: "general", text: "CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-0868", url: "https://www.suse.com/security/cve/CVE-2012-0868", }, { category: "external", summary: "SUSE Bug 701489 for CVE-2012-0868", url: "https://bugzilla.suse.com/701489", }, { category: "external", summary: "SUSE Bug 749299 for CVE-2012-0868", url: "https://bugzilla.suse.com/749299", }, { category: "external", summary: "SUSE Bug 749301 for CVE-2012-0868", url: "https://bugzilla.suse.com/749301", }, { category: "external", summary: "SUSE Bug 749303 for CVE-2012-0868", url: "https://bugzilla.suse.com/749303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-0868", }, { cve: "CVE-2012-2143", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-2143", }, ], notes: [ { category: "general", text: "The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-2143", url: "https://www.suse.com/security/cve/CVE-2012-2143", }, { category: "external", summary: "SUSE Bug 766797 for CVE-2012-2143", url: "https://bugzilla.suse.com/766797", }, { category: "external", summary: "SUSE Bug 766798 for CVE-2012-2143", url: "https://bugzilla.suse.com/766798", }, { category: "external", summary: "SUSE Bug 766799 for CVE-2012-2143", url: "https://bugzilla.suse.com/766799", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-2143", }, { cve: "CVE-2012-2655", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-2655", }, ], notes: [ { category: "general", text: "PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-2655", url: "https://www.suse.com/security/cve/CVE-2012-2655", }, { category: "external", summary: "SUSE Bug 765069 for CVE-2012-2655", url: "https://bugzilla.suse.com/765069", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-2655", }, { cve: "CVE-2012-3488", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-3488", }, ], notes: [ { category: "general", text: "The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-3488", url: "https://www.suse.com/security/cve/CVE-2012-3488", }, { category: "external", summary: "SUSE Bug 776523 for CVE-2012-3488", url: "https://bugzilla.suse.com/776523", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-3488", }, { cve: "CVE-2012-3489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-3489", }, ], notes: [ { category: "general", text: "The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-3489", url: "https://www.suse.com/security/cve/CVE-2012-3489", }, { category: "external", summary: "SUSE Bug 776524 for CVE-2012-3489", url: "https://bugzilla.suse.com/776524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-3489", }, { cve: "CVE-2013-0255", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-0255", }, ], notes: [ { category: "general", text: "PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-0255", url: "https://www.suse.com/security/cve/CVE-2013-0255", }, { category: "external", summary: "SUSE Bug 802679 for CVE-2013-0255", url: "https://bugzilla.suse.com/802679", }, { category: "external", summary: "SUSE Bug 803057 for CVE-2013-0255", url: "https://bugzilla.suse.com/803057", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-0255", }, { cve: "CVE-2013-1899", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1899", }, ], notes: [ { category: "general", text: "Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a \"-\" (hyphen).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1899", url: "https://www.suse.com/security/cve/CVE-2013-1899", }, { category: "external", summary: "SUSE Bug 812525 for CVE-2013-1899", url: "https://bugzilla.suse.com/812525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-1899", }, { cve: "CVE-2013-1900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1900", }, ], notes: [ { category: "general", text: "PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the \"contrib/pgcrypto functions.\"", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1900", url: "https://www.suse.com/security/cve/CVE-2013-1900", }, { category: "external", summary: "SUSE Bug 812525 for CVE-2013-1900", url: "https://bugzilla.suse.com/812525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-1900", }, { cve: "CVE-2013-1901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1901", }, ], notes: [ { category: "general", text: "PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1901", url: "https://www.suse.com/security/cve/CVE-2013-1901", }, { category: "external", summary: "SUSE Bug 812525 for CVE-2013-1901", url: "https://bugzilla.suse.com/812525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-1901", }, { cve: "CVE-2014-0060", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0060", }, ], notes: [ { category: "general", text: "PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0060", url: "https://www.suse.com/security/cve/CVE-2014-0060", }, { category: "external", summary: "SUSE Bug 864845 for CVE-2014-0060", url: "https://bugzilla.suse.com/864845", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0060", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2014-0060", }, { cve: "CVE-2014-0061", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0061", }, ], notes: [ { category: "general", text: "The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0061", url: "https://www.suse.com/security/cve/CVE-2014-0061", }, { category: "external", summary: "SUSE Bug 864846 for CVE-2014-0061", url: "https://bugzilla.suse.com/864846", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0061", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0061", }, { cve: "CVE-2014-0062", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0062", }, ], notes: [ { category: "general", text: "Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0062", url: "https://www.suse.com/security/cve/CVE-2014-0062", }, { category: "external", summary: "SUSE Bug 864847 for CVE-2014-0062", url: "https://bugzilla.suse.com/864847", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0062", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0062", }, { cve: "CVE-2014-0063", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0063", }, ], notes: [ { category: "general", text: "Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0063", url: "https://www.suse.com/security/cve/CVE-2014-0063", }, { category: "external", summary: "SUSE Bug 864850 for CVE-2014-0063", url: "https://bugzilla.suse.com/864850", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0063", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0063", }, { cve: "CVE-2014-0064", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0064", }, ], notes: [ { category: "general", text: "Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0064", url: "https://www.suse.com/security/cve/CVE-2014-0064", }, { category: "external", summary: "SUSE Bug 864851 for CVE-2014-0064", url: "https://bugzilla.suse.com/864851", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0064", url: "https://bugzilla.suse.com/864856", }, { category: "external", summary: "SUSE Bug 871307 for CVE-2014-0064", url: "https://bugzilla.suse.com/871307", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0064", }, { cve: "CVE-2014-0065", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0065", }, ], notes: [ { category: "general", text: "Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0065", url: "https://www.suse.com/security/cve/CVE-2014-0065", }, { category: "external", summary: "SUSE Bug 864852 for CVE-2014-0065", url: "https://bugzilla.suse.com/864852", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0065", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0065", }, { cve: "CVE-2014-0066", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0066", }, ], notes: [ { category: "general", text: "The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0066", url: "https://www.suse.com/security/cve/CVE-2014-0066", }, { category: "external", summary: "SUSE Bug 864853 for CVE-2014-0066", url: "https://bugzilla.suse.com/864853", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0066", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0066", }, { cve: "CVE-2014-0067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0067", }, ], notes: [ { category: "general", text: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0067", url: "https://www.suse.com/security/cve/CVE-2014-0067", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0067", url: "https://bugzilla.suse.com/864856", }, { category: "external", summary: "SUSE Bug 872783 for CVE-2014-0067", url: "https://bugzilla.suse.com/872783", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2014-0067", }, { cve: "CVE-2015-3165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3165", }, ], notes: [ { category: "general", text: "Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3165", url: "https://www.suse.com/security/cve/CVE-2015-3165", }, { category: "external", summary: "SUSE Bug 931972 for CVE-2015-3165", url: "https://bugzilla.suse.com/931972", }, { category: "external", summary: "SUSE Bug 931973 for CVE-2015-3165", url: "https://bugzilla.suse.com/931973", }, { category: "external", summary: "SUSE Bug 931974 for CVE-2015-3165", url: "https://bugzilla.suse.com/931974", }, { category: "external", summary: "SUSE Bug 932040 for CVE-2015-3165", url: "https://bugzilla.suse.com/932040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2015-3165", }, { cve: "CVE-2015-3166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3166", }, ], notes: [ { category: "general", text: "The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3166", url: "https://www.suse.com/security/cve/CVE-2015-3166", }, { category: "external", summary: "SUSE Bug 931972 for CVE-2015-3166", url: "https://bugzilla.suse.com/931972", }, { category: "external", summary: "SUSE Bug 931973 for CVE-2015-3166", url: "https://bugzilla.suse.com/931973", }, { category: "external", summary: "SUSE Bug 931974 for CVE-2015-3166", url: "https://bugzilla.suse.com/931974", }, { category: "external", summary: "SUSE Bug 932040 for CVE-2015-3166", url: "https://bugzilla.suse.com/932040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2015-3166", }, { cve: "CVE-2015-3167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3167", }, ], notes: [ { category: "general", text: "contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3167", url: "https://www.suse.com/security/cve/CVE-2015-3167", }, { category: "external", summary: "SUSE Bug 931972 for CVE-2015-3167", url: "https://bugzilla.suse.com/931972", }, { category: "external", summary: "SUSE Bug 931973 for CVE-2015-3167", url: "https://bugzilla.suse.com/931973", }, { category: "external", summary: "SUSE Bug 931974 for CVE-2015-3167", url: "https://bugzilla.suse.com/931974", }, { category: "external", summary: "SUSE Bug 932040 for CVE-2015-3167", url: "https://bugzilla.suse.com/932040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2015-3167", }, { cve: "CVE-2015-5288", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-5288", }, ], notes: [ { category: "general", text: "The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a \"too-short\" salt.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-5288", url: "https://www.suse.com/security/cve/CVE-2015-5288", }, { category: "external", summary: "SUSE Bug 949669 for CVE-2015-5288", url: "https://bugzilla.suse.com/949669", }, { category: "external", summary: "SUSE Bug 949670 for CVE-2015-5288", url: "https://bugzilla.suse.com/949670", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2015-5288", }, { cve: "CVE-2015-5289", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-5289", }, ], notes: [ { category: "general", text: "Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-5289", url: "https://www.suse.com/security/cve/CVE-2015-5289", }, { category: "external", summary: "SUSE Bug 949669 for CVE-2015-5289", url: "https://bugzilla.suse.com/949669", }, { category: "external", summary: "SUSE Bug 949670 for CVE-2015-5289", url: "https://bugzilla.suse.com/949670", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-5289", }, { cve: "CVE-2016-0766", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-0766", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-0766", url: "https://www.suse.com/security/cve/CVE-2016-0766", }, { category: "external", summary: "SUSE Bug 966435 for CVE-2016-0766", url: "https://bugzilla.suse.com/966435", }, { category: "external", summary: "SUSE Bug 966436 for CVE-2016-0766", url: "https://bugzilla.suse.com/966436", }, { category: "external", summary: "SUSE Bug 978323 for CVE-2016-0766", url: "https://bugzilla.suse.com/978323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-0766", }, { cve: "CVE-2016-0773", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-0773", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-0773", url: "https://www.suse.com/security/cve/CVE-2016-0773", }, { category: "external", summary: "SUSE Bug 966435 for CVE-2016-0773", url: "https://bugzilla.suse.com/966435", }, { category: "external", summary: "SUSE Bug 966436 for CVE-2016-0773", url: "https://bugzilla.suse.com/966436", }, { category: "external", summary: "SUSE Bug 978323 for CVE-2016-0773", url: "https://bugzilla.suse.com/978323", }, { category: "external", summary: "SUSE Bug 983246 for CVE-2016-0773", url: "https://bugzilla.suse.com/983246", }, { category: "external", summary: "SUSE Bug 986409 for CVE-2016-0773", url: "https://bugzilla.suse.com/986409", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-0773", }, { cve: "CVE-2016-5423", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5423", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5423", url: "https://www.suse.com/security/cve/CVE-2016-5423", }, { category: "external", summary: "SUSE Bug 1041981 for CVE-2016-5423", url: "https://bugzilla.suse.com/1041981", }, { category: "external", summary: "SUSE Bug 1042497 for CVE-2016-5423", url: "https://bugzilla.suse.com/1042497", }, { category: "external", summary: "SUSE Bug 1052683 for CVE-2016-5423", url: "https://bugzilla.suse.com/1052683", }, { category: "external", summary: "SUSE Bug 993454 for CVE-2016-5423", url: "https://bugzilla.suse.com/993454", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-5423", }, { cve: "CVE-2016-5424", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5424", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) \" (double quote), (2) \\ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5424", url: "https://www.suse.com/security/cve/CVE-2016-5424", }, { category: "external", summary: "SUSE Bug 1041981 for CVE-2016-5424", url: "https://bugzilla.suse.com/1041981", }, { category: "external", summary: "SUSE Bug 1042497 for CVE-2016-5424", url: "https://bugzilla.suse.com/1042497", }, { category: "external", summary: "SUSE Bug 1052683 for CVE-2016-5424", url: "https://bugzilla.suse.com/1052683", }, { category: "external", summary: "SUSE Bug 993453 for CVE-2016-5424", url: "https://bugzilla.suse.com/993453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-contrib-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-devel-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-docs-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plperl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-plpython-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-pltcl-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-server-9.4.10-1.1.x86_64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.aarch64", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.ppc64le", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.s390x", "openSUSE Tumbleweed:postgresql94-test-9.4.10-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-5424", }, ], }
opensuse-su-2024:10273-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
libecpg6-32bit-9.5.4-1.2 on GA media
Notes
Title of the patch
libecpg6-32bit-9.5.4-1.2 on GA media
Description of the patch
These are all security issues fixed in the libecpg6-32bit-9.5.4-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10273
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "libecpg6-32bit-9.5.4-1.2 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the libecpg6-32bit-9.5.4-1.2 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10273", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10273-1.json", }, { category: "self", summary: "SUSE CVE CVE-2007-4772 page", url: "https://www.suse.com/security/cve/CVE-2007-4772/", }, { category: "self", summary: "SUSE CVE CVE-2007-6600 page", url: "https://www.suse.com/security/cve/CVE-2007-6600/", }, { category: "self", summary: "SUSE CVE CVE-2009-4034 page", url: "https://www.suse.com/security/cve/CVE-2009-4034/", }, { category: "self", summary: "SUSE CVE CVE-2009-4136 page", url: "https://www.suse.com/security/cve/CVE-2009-4136/", }, { category: "self", summary: "SUSE CVE CVE-2010-1169 page", url: "https://www.suse.com/security/cve/CVE-2010-1169/", }, { category: "self", summary: "SUSE CVE CVE-2010-1170 page", url: "https://www.suse.com/security/cve/CVE-2010-1170/", }, { category: "self", summary: "SUSE CVE CVE-2010-3433 page", url: "https://www.suse.com/security/cve/CVE-2010-3433/", }, { category: "self", summary: "SUSE CVE CVE-2012-0866 page", url: "https://www.suse.com/security/cve/CVE-2012-0866/", }, { category: "self", summary: "SUSE CVE CVE-2012-0867 page", url: "https://www.suse.com/security/cve/CVE-2012-0867/", }, { category: "self", summary: "SUSE CVE CVE-2012-0868 page", url: "https://www.suse.com/security/cve/CVE-2012-0868/", }, { category: "self", summary: "SUSE CVE CVE-2012-2143 page", url: "https://www.suse.com/security/cve/CVE-2012-2143/", }, { category: "self", summary: "SUSE CVE CVE-2012-2655 page", url: "https://www.suse.com/security/cve/CVE-2012-2655/", }, { category: "self", summary: "SUSE CVE CVE-2012-3488 page", url: "https://www.suse.com/security/cve/CVE-2012-3488/", }, { category: "self", summary: "SUSE CVE CVE-2012-3489 page", url: "https://www.suse.com/security/cve/CVE-2012-3489/", }, { category: "self", summary: "SUSE CVE CVE-2013-0255 page", url: "https://www.suse.com/security/cve/CVE-2013-0255/", }, { category: "self", summary: "SUSE CVE CVE-2013-1899 page", url: "https://www.suse.com/security/cve/CVE-2013-1899/", }, { category: "self", summary: "SUSE CVE CVE-2013-1900 page", url: "https://www.suse.com/security/cve/CVE-2013-1900/", }, { category: "self", summary: "SUSE CVE CVE-2013-1901 page", url: "https://www.suse.com/security/cve/CVE-2013-1901/", }, { category: "self", summary: "SUSE CVE CVE-2014-0060 page", url: "https://www.suse.com/security/cve/CVE-2014-0060/", }, { category: "self", summary: "SUSE CVE CVE-2014-0061 page", url: "https://www.suse.com/security/cve/CVE-2014-0061/", }, { category: "self", summary: "SUSE CVE CVE-2014-0062 page", url: "https://www.suse.com/security/cve/CVE-2014-0062/", }, { category: "self", summary: "SUSE CVE CVE-2014-0063 page", url: "https://www.suse.com/security/cve/CVE-2014-0063/", }, { category: "self", summary: "SUSE CVE CVE-2014-0064 page", url: "https://www.suse.com/security/cve/CVE-2014-0064/", }, { category: "self", summary: "SUSE CVE CVE-2014-0065 page", url: "https://www.suse.com/security/cve/CVE-2014-0065/", }, { category: "self", summary: "SUSE CVE CVE-2014-0066 page", url: "https://www.suse.com/security/cve/CVE-2014-0066/", }, { category: "self", summary: "SUSE CVE CVE-2014-0067 page", url: "https://www.suse.com/security/cve/CVE-2014-0067/", }, { category: "self", summary: "SUSE CVE CVE-2015-3165 page", url: "https://www.suse.com/security/cve/CVE-2015-3165/", }, { category: "self", summary: "SUSE CVE CVE-2015-3166 page", url: "https://www.suse.com/security/cve/CVE-2015-3166/", }, { category: "self", summary: "SUSE CVE CVE-2015-3167 page", url: "https://www.suse.com/security/cve/CVE-2015-3167/", }, { category: "self", summary: "SUSE CVE CVE-2015-5288 page", url: "https://www.suse.com/security/cve/CVE-2015-5288/", }, { category: "self", summary: "SUSE CVE CVE-2015-5289 page", url: "https://www.suse.com/security/cve/CVE-2015-5289/", }, { category: "self", summary: "SUSE CVE CVE-2016-0766 page", url: "https://www.suse.com/security/cve/CVE-2016-0766/", }, { category: "self", summary: "SUSE CVE CVE-2016-0773 page", url: "https://www.suse.com/security/cve/CVE-2016-0773/", }, { category: "self", summary: "SUSE CVE CVE-2016-2193 page", url: "https://www.suse.com/security/cve/CVE-2016-2193/", }, { category: "self", summary: "SUSE CVE CVE-2016-3065 page", url: "https://www.suse.com/security/cve/CVE-2016-3065/", }, { category: "self", summary: "SUSE CVE CVE-2016-5423 page", url: "https://www.suse.com/security/cve/CVE-2016-5423/", }, { category: "self", summary: "SUSE CVE CVE-2016-5424 page", url: "https://www.suse.com/security/cve/CVE-2016-5424/", }, ], title: "libecpg6-32bit-9.5.4-1.2 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10273-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "libecpg6-9.5.4-1.2.aarch64", product: { name: "libecpg6-9.5.4-1.2.aarch64", product_id: "libecpg6-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "libecpg6-32bit-9.5.4-1.2.aarch64", product: { name: "libecpg6-32bit-9.5.4-1.2.aarch64", product_id: "libecpg6-32bit-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "libpq5-9.5.4-1.2.aarch64", product: { name: "libpq5-9.5.4-1.2.aarch64", product_id: "libpq5-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "libpq5-32bit-9.5.4-1.2.aarch64", product: { name: "libpq5-32bit-9.5.4-1.2.aarch64", product_id: "libpq5-32bit-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "postgresql95-9.5.4-1.2.aarch64", product: { name: "postgresql95-9.5.4-1.2.aarch64", product_id: "postgresql95-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "postgresql95-contrib-9.5.4-1.2.aarch64", product: { name: "postgresql95-contrib-9.5.4-1.2.aarch64", product_id: "postgresql95-contrib-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "postgresql95-devel-9.5.4-1.2.aarch64", product: { name: "postgresql95-devel-9.5.4-1.2.aarch64", product_id: "postgresql95-devel-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "postgresql95-docs-9.5.4-1.2.aarch64", product: { name: "postgresql95-docs-9.5.4-1.2.aarch64", product_id: "postgresql95-docs-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "postgresql95-plperl-9.5.4-1.2.aarch64", product: { name: "postgresql95-plperl-9.5.4-1.2.aarch64", product_id: "postgresql95-plperl-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "postgresql95-plpython-9.5.4-1.2.aarch64", product: { name: "postgresql95-plpython-9.5.4-1.2.aarch64", product_id: "postgresql95-plpython-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "postgresql95-pltcl-9.5.4-1.2.aarch64", product: { name: "postgresql95-pltcl-9.5.4-1.2.aarch64", product_id: "postgresql95-pltcl-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "postgresql95-server-9.5.4-1.2.aarch64", product: { name: "postgresql95-server-9.5.4-1.2.aarch64", product_id: "postgresql95-server-9.5.4-1.2.aarch64", }, }, { category: "product_version", name: "postgresql95-test-9.5.4-1.2.aarch64", product: { name: "postgresql95-test-9.5.4-1.2.aarch64", product_id: "postgresql95-test-9.5.4-1.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libecpg6-9.5.4-1.2.ppc64le", product: { name: "libecpg6-9.5.4-1.2.ppc64le", product_id: "libecpg6-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "libecpg6-32bit-9.5.4-1.2.ppc64le", product: { name: "libecpg6-32bit-9.5.4-1.2.ppc64le", product_id: "libecpg6-32bit-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "libpq5-9.5.4-1.2.ppc64le", product: { name: "libpq5-9.5.4-1.2.ppc64le", product_id: "libpq5-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "libpq5-32bit-9.5.4-1.2.ppc64le", product: { name: "libpq5-32bit-9.5.4-1.2.ppc64le", product_id: "libpq5-32bit-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "postgresql95-9.5.4-1.2.ppc64le", product: { name: "postgresql95-9.5.4-1.2.ppc64le", product_id: "postgresql95-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "postgresql95-contrib-9.5.4-1.2.ppc64le", product: { name: "postgresql95-contrib-9.5.4-1.2.ppc64le", product_id: "postgresql95-contrib-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "postgresql95-devel-9.5.4-1.2.ppc64le", product: { name: "postgresql95-devel-9.5.4-1.2.ppc64le", product_id: "postgresql95-devel-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "postgresql95-docs-9.5.4-1.2.ppc64le", product: { name: "postgresql95-docs-9.5.4-1.2.ppc64le", product_id: "postgresql95-docs-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "postgresql95-plperl-9.5.4-1.2.ppc64le", product: { name: "postgresql95-plperl-9.5.4-1.2.ppc64le", product_id: "postgresql95-plperl-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "postgresql95-plpython-9.5.4-1.2.ppc64le", product: { name: "postgresql95-plpython-9.5.4-1.2.ppc64le", product_id: "postgresql95-plpython-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "postgresql95-pltcl-9.5.4-1.2.ppc64le", product: { name: "postgresql95-pltcl-9.5.4-1.2.ppc64le", product_id: "postgresql95-pltcl-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "postgresql95-server-9.5.4-1.2.ppc64le", product: { name: "postgresql95-server-9.5.4-1.2.ppc64le", product_id: "postgresql95-server-9.5.4-1.2.ppc64le", }, }, { category: "product_version", name: "postgresql95-test-9.5.4-1.2.ppc64le", product: { name: "postgresql95-test-9.5.4-1.2.ppc64le", product_id: "postgresql95-test-9.5.4-1.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libecpg6-9.5.4-1.2.s390x", product: { name: "libecpg6-9.5.4-1.2.s390x", product_id: "libecpg6-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "libecpg6-32bit-9.5.4-1.2.s390x", product: { name: "libecpg6-32bit-9.5.4-1.2.s390x", product_id: "libecpg6-32bit-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "libpq5-9.5.4-1.2.s390x", product: { name: "libpq5-9.5.4-1.2.s390x", product_id: "libpq5-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "libpq5-32bit-9.5.4-1.2.s390x", product: { name: "libpq5-32bit-9.5.4-1.2.s390x", product_id: "libpq5-32bit-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "postgresql95-9.5.4-1.2.s390x", product: { name: "postgresql95-9.5.4-1.2.s390x", product_id: "postgresql95-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "postgresql95-contrib-9.5.4-1.2.s390x", product: { name: "postgresql95-contrib-9.5.4-1.2.s390x", product_id: "postgresql95-contrib-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "postgresql95-devel-9.5.4-1.2.s390x", product: { name: "postgresql95-devel-9.5.4-1.2.s390x", product_id: "postgresql95-devel-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "postgresql95-docs-9.5.4-1.2.s390x", product: { name: "postgresql95-docs-9.5.4-1.2.s390x", product_id: "postgresql95-docs-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "postgresql95-plperl-9.5.4-1.2.s390x", product: { name: "postgresql95-plperl-9.5.4-1.2.s390x", product_id: "postgresql95-plperl-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "postgresql95-plpython-9.5.4-1.2.s390x", product: { name: "postgresql95-plpython-9.5.4-1.2.s390x", product_id: "postgresql95-plpython-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "postgresql95-pltcl-9.5.4-1.2.s390x", product: { name: "postgresql95-pltcl-9.5.4-1.2.s390x", product_id: "postgresql95-pltcl-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "postgresql95-server-9.5.4-1.2.s390x", product: { name: "postgresql95-server-9.5.4-1.2.s390x", product_id: "postgresql95-server-9.5.4-1.2.s390x", }, }, { category: "product_version", name: "postgresql95-test-9.5.4-1.2.s390x", product: { name: "postgresql95-test-9.5.4-1.2.s390x", product_id: "postgresql95-test-9.5.4-1.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libecpg6-9.5.4-1.2.x86_64", product: { name: "libecpg6-9.5.4-1.2.x86_64", product_id: "libecpg6-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "libecpg6-32bit-9.5.4-1.2.x86_64", product: { name: "libecpg6-32bit-9.5.4-1.2.x86_64", product_id: "libecpg6-32bit-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "libpq5-9.5.4-1.2.x86_64", product: { name: "libpq5-9.5.4-1.2.x86_64", product_id: "libpq5-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "libpq5-32bit-9.5.4-1.2.x86_64", product: { name: "libpq5-32bit-9.5.4-1.2.x86_64", product_id: "libpq5-32bit-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "postgresql95-9.5.4-1.2.x86_64", product: { name: "postgresql95-9.5.4-1.2.x86_64", product_id: "postgresql95-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "postgresql95-contrib-9.5.4-1.2.x86_64", product: { name: "postgresql95-contrib-9.5.4-1.2.x86_64", product_id: "postgresql95-contrib-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "postgresql95-devel-9.5.4-1.2.x86_64", product: { name: "postgresql95-devel-9.5.4-1.2.x86_64", product_id: "postgresql95-devel-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "postgresql95-docs-9.5.4-1.2.x86_64", product: { name: "postgresql95-docs-9.5.4-1.2.x86_64", product_id: "postgresql95-docs-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "postgresql95-plperl-9.5.4-1.2.x86_64", product: { name: "postgresql95-plperl-9.5.4-1.2.x86_64", product_id: "postgresql95-plperl-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "postgresql95-plpython-9.5.4-1.2.x86_64", product: { name: "postgresql95-plpython-9.5.4-1.2.x86_64", product_id: "postgresql95-plpython-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "postgresql95-pltcl-9.5.4-1.2.x86_64", product: { name: "postgresql95-pltcl-9.5.4-1.2.x86_64", product_id: "postgresql95-pltcl-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "postgresql95-server-9.5.4-1.2.x86_64", product: { name: "postgresql95-server-9.5.4-1.2.x86_64", product_id: "postgresql95-server-9.5.4-1.2.x86_64", }, }, { category: "product_version", name: "postgresql95-test-9.5.4-1.2.x86_64", product: { name: "postgresql95-test-9.5.4-1.2.x86_64", product_id: "postgresql95-test-9.5.4-1.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libecpg6-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", }, product_reference: "libecpg6-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libecpg6-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", }, product_reference: "libecpg6-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libecpg6-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", }, product_reference: "libecpg6-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libecpg6-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", }, product_reference: "libecpg6-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libecpg6-32bit-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", }, product_reference: "libecpg6-32bit-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libecpg6-32bit-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", }, product_reference: "libecpg6-32bit-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libecpg6-32bit-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", }, product_reference: "libecpg6-32bit-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libecpg6-32bit-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", }, product_reference: "libecpg6-32bit-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libpq5-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", }, product_reference: "libpq5-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libpq5-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", }, product_reference: "libpq5-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libpq5-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", }, product_reference: "libpq5-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libpq5-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", }, product_reference: "libpq5-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libpq5-32bit-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", }, product_reference: "libpq5-32bit-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libpq5-32bit-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", }, product_reference: "libpq5-32bit-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libpq5-32bit-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", }, product_reference: "libpq5-32bit-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "libpq5-32bit-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", }, product_reference: "libpq5-32bit-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", }, product_reference: "postgresql95-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", }, product_reference: "postgresql95-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", }, product_reference: "postgresql95-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", }, product_reference: "postgresql95-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-contrib-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", }, product_reference: "postgresql95-contrib-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-contrib-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", }, product_reference: "postgresql95-contrib-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-contrib-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", }, product_reference: "postgresql95-contrib-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-contrib-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", }, product_reference: "postgresql95-contrib-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-devel-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", }, product_reference: "postgresql95-devel-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-devel-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", }, product_reference: "postgresql95-devel-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-devel-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", }, product_reference: "postgresql95-devel-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-devel-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", }, product_reference: "postgresql95-devel-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-docs-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", }, product_reference: "postgresql95-docs-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-docs-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", }, product_reference: "postgresql95-docs-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-docs-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", }, product_reference: "postgresql95-docs-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-docs-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", }, product_reference: "postgresql95-docs-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-plperl-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", }, product_reference: "postgresql95-plperl-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-plperl-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", }, product_reference: "postgresql95-plperl-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-plperl-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", }, product_reference: "postgresql95-plperl-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-plperl-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", }, product_reference: "postgresql95-plperl-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-plpython-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", }, product_reference: "postgresql95-plpython-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-plpython-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", }, product_reference: "postgresql95-plpython-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-plpython-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", }, product_reference: "postgresql95-plpython-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-plpython-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", }, product_reference: "postgresql95-plpython-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-pltcl-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", }, product_reference: "postgresql95-pltcl-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-pltcl-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", }, product_reference: "postgresql95-pltcl-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-pltcl-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", }, product_reference: "postgresql95-pltcl-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-pltcl-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", }, product_reference: "postgresql95-pltcl-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-server-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", }, product_reference: "postgresql95-server-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-server-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", }, product_reference: "postgresql95-server-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-server-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", }, product_reference: "postgresql95-server-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-server-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", }, product_reference: "postgresql95-server-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-test-9.5.4-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", }, product_reference: "postgresql95-test-9.5.4-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-test-9.5.4-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", }, product_reference: "postgresql95-test-9.5.4-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-test-9.5.4-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", }, product_reference: "postgresql95-test-9.5.4-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql95-test-9.5.4-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", }, product_reference: "postgresql95-test-9.5.4-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2007-4772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-4772", }, ], notes: [ { category: "general", text: "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-4772", url: "https://www.suse.com/security/cve/CVE-2007-4772", }, { category: "external", summary: "SUSE Bug 329282 for CVE-2007-4772", url: "https://bugzilla.suse.com/329282", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2007-4772", }, { cve: "CVE-2007-6600", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6600", }, ], notes: [ { category: "general", text: "PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3) SET ROLE and (4) SET SESSION AUTHORIZATION within index functions, which allows remote authenticated users to gain privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6600", url: "https://www.suse.com/security/cve/CVE-2007-6600", }, { category: "external", summary: "SUSE Bug 329282 for CVE-2007-6600", url: "https://bugzilla.suse.com/329282", }, { category: "external", summary: "SUSE Bug 537706 for CVE-2007-6600", url: "https://bugzilla.suse.com/537706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-6600", }, { cve: "CVE-2009-4034", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-4034", }, ], notes: [ { category: "general", text: "PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-4034", url: "https://www.suse.com/security/cve/CVE-2009-4034", }, { category: "external", summary: "SUSE Bug 564710 for CVE-2009-4034", url: "https://bugzilla.suse.com/564710", }, { category: "external", summary: "SUSE Bug 603968 for CVE-2009-4034", url: "https://bugzilla.suse.com/603968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-4034", }, { cve: "CVE-2009-4136", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-4136", }, ], notes: [ { category: "general", text: "PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-4136", url: "https://www.suse.com/security/cve/CVE-2009-4136", }, { category: "external", summary: "SUSE Bug 564360 for CVE-2009-4136", url: "https://bugzilla.suse.com/564360", }, { category: "external", summary: "SUSE Bug 603969 for CVE-2009-4136", url: "https://bugzilla.suse.com/603969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-4136", }, { cve: "CVE-2010-1169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-1169", }, ], notes: [ { category: "general", text: "PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-1169", url: "https://www.suse.com/security/cve/CVE-2010-1169", }, { category: "external", summary: "SUSE Bug 605926 for CVE-2010-1169", url: "https://bugzilla.suse.com/605926", }, { category: "external", summary: "SUSE Bug 648140 for CVE-2010-1169", url: "https://bugzilla.suse.com/648140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2010-1169", }, { cve: "CVE-2010-1170", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-1170", }, ], notes: [ { category: "general", text: "The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-1170", url: "https://www.suse.com/security/cve/CVE-2010-1170", }, { category: "external", summary: "SUSE Bug 605845 for CVE-2010-1170", url: "https://bugzilla.suse.com/605845", }, { category: "external", summary: "SUSE Bug 605926 for CVE-2010-1170", url: "https://bugzilla.suse.com/605926", }, { category: "external", summary: "SUSE Bug 634562 for CVE-2010-1170", url: "https://bugzilla.suse.com/634562", }, { category: "external", summary: "SUSE Bug 648140 for CVE-2010-1170", url: "https://bugzilla.suse.com/648140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-1170", }, { cve: "CVE-2010-3433", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-3433", }, ], notes: [ { category: "general", text: "The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-3433", url: "https://www.suse.com/security/cve/CVE-2010-3433", }, { category: "external", summary: "SUSE Bug 643771 for CVE-2010-3433", url: "https://bugzilla.suse.com/643771", }, { category: "external", summary: "SUSE Bug 648140 for CVE-2010-3433", url: "https://bugzilla.suse.com/648140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-3433", }, { cve: "CVE-2012-0866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0866", }, ], notes: [ { category: "general", text: "CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-0866", url: "https://www.suse.com/security/cve/CVE-2012-0866", }, { category: "external", summary: "SUSE Bug 701489 for CVE-2012-0866", url: "https://bugzilla.suse.com/701489", }, { category: "external", summary: "SUSE Bug 749299 for CVE-2012-0866", url: "https://bugzilla.suse.com/749299", }, { category: "external", summary: "SUSE Bug 749301 for CVE-2012-0866", url: "https://bugzilla.suse.com/749301", }, { category: "external", summary: "SUSE Bug 749303 for CVE-2012-0866", url: "https://bugzilla.suse.com/749303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-0866", }, { cve: "CVE-2012-0867", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0867", }, ], notes: [ { category: "general", text: "PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-0867", url: "https://www.suse.com/security/cve/CVE-2012-0867", }, { category: "external", summary: "SUSE Bug 701489 for CVE-2012-0867", url: "https://bugzilla.suse.com/701489", }, { category: "external", summary: "SUSE Bug 749299 for CVE-2012-0867", url: "https://bugzilla.suse.com/749299", }, { category: "external", summary: "SUSE Bug 749301 for CVE-2012-0867", url: "https://bugzilla.suse.com/749301", }, { category: "external", summary: "SUSE Bug 749303 for CVE-2012-0867", url: "https://bugzilla.suse.com/749303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-0867", }, { cve: "CVE-2012-0868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0868", }, ], notes: [ { category: "general", text: "CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-0868", url: "https://www.suse.com/security/cve/CVE-2012-0868", }, { category: "external", summary: "SUSE Bug 701489 for CVE-2012-0868", url: "https://bugzilla.suse.com/701489", }, { category: "external", summary: "SUSE Bug 749299 for CVE-2012-0868", url: "https://bugzilla.suse.com/749299", }, { category: "external", summary: "SUSE Bug 749301 for CVE-2012-0868", url: "https://bugzilla.suse.com/749301", }, { category: "external", summary: "SUSE Bug 749303 for CVE-2012-0868", url: "https://bugzilla.suse.com/749303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-0868", }, { cve: "CVE-2012-2143", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-2143", }, ], notes: [ { category: "general", text: "The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-2143", url: "https://www.suse.com/security/cve/CVE-2012-2143", }, { category: "external", summary: "SUSE Bug 766797 for CVE-2012-2143", url: "https://bugzilla.suse.com/766797", }, { category: "external", summary: "SUSE Bug 766798 for CVE-2012-2143", url: "https://bugzilla.suse.com/766798", }, { category: "external", summary: "SUSE Bug 766799 for CVE-2012-2143", url: "https://bugzilla.suse.com/766799", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-2143", }, { cve: "CVE-2012-2655", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-2655", }, ], notes: [ { category: "general", text: "PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-2655", url: "https://www.suse.com/security/cve/CVE-2012-2655", }, { category: "external", summary: "SUSE Bug 765069 for CVE-2012-2655", url: "https://bugzilla.suse.com/765069", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-2655", }, { cve: "CVE-2012-3488", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-3488", }, ], notes: [ { category: "general", text: "The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-3488", url: "https://www.suse.com/security/cve/CVE-2012-3488", }, { category: "external", summary: "SUSE Bug 776523 for CVE-2012-3488", url: "https://bugzilla.suse.com/776523", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-3488", }, { cve: "CVE-2012-3489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-3489", }, ], notes: [ { category: "general", text: "The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-3489", url: "https://www.suse.com/security/cve/CVE-2012-3489", }, { category: "external", summary: "SUSE Bug 776524 for CVE-2012-3489", url: "https://bugzilla.suse.com/776524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-3489", }, { cve: "CVE-2013-0255", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-0255", }, ], notes: [ { category: "general", text: "PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-0255", url: "https://www.suse.com/security/cve/CVE-2013-0255", }, { category: "external", summary: "SUSE Bug 802679 for CVE-2013-0255", url: "https://bugzilla.suse.com/802679", }, { category: "external", summary: "SUSE Bug 803057 for CVE-2013-0255", url: "https://bugzilla.suse.com/803057", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-0255", }, { cve: "CVE-2013-1899", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1899", }, ], notes: [ { category: "general", text: "Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a \"-\" (hyphen).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1899", url: "https://www.suse.com/security/cve/CVE-2013-1899", }, { category: "external", summary: "SUSE Bug 812525 for CVE-2013-1899", url: "https://bugzilla.suse.com/812525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-1899", }, { cve: "CVE-2013-1900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1900", }, ], notes: [ { category: "general", text: "PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the \"contrib/pgcrypto functions.\"", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1900", url: "https://www.suse.com/security/cve/CVE-2013-1900", }, { category: "external", summary: "SUSE Bug 812525 for CVE-2013-1900", url: "https://bugzilla.suse.com/812525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-1900", }, { cve: "CVE-2013-1901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1901", }, ], notes: [ { category: "general", text: "PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1901", url: "https://www.suse.com/security/cve/CVE-2013-1901", }, { category: "external", summary: "SUSE Bug 812525 for CVE-2013-1901", url: "https://bugzilla.suse.com/812525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-1901", }, { cve: "CVE-2014-0060", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0060", }, ], notes: [ { category: "general", text: "PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0060", url: "https://www.suse.com/security/cve/CVE-2014-0060", }, { category: "external", summary: "SUSE Bug 864845 for CVE-2014-0060", url: "https://bugzilla.suse.com/864845", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0060", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2014-0060", }, { cve: "CVE-2014-0061", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0061", }, ], notes: [ { category: "general", text: "The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0061", url: "https://www.suse.com/security/cve/CVE-2014-0061", }, { category: "external", summary: "SUSE Bug 864846 for CVE-2014-0061", url: "https://bugzilla.suse.com/864846", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0061", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0061", }, { cve: "CVE-2014-0062", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0062", }, ], notes: [ { category: "general", text: "Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0062", url: "https://www.suse.com/security/cve/CVE-2014-0062", }, { category: "external", summary: "SUSE Bug 864847 for CVE-2014-0062", url: "https://bugzilla.suse.com/864847", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0062", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0062", }, { cve: "CVE-2014-0063", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0063", }, ], notes: [ { category: "general", text: "Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0063", url: "https://www.suse.com/security/cve/CVE-2014-0063", }, { category: "external", summary: "SUSE Bug 864850 for CVE-2014-0063", url: "https://bugzilla.suse.com/864850", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0063", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0063", }, { cve: "CVE-2014-0064", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0064", }, ], notes: [ { category: "general", text: "Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0064", url: "https://www.suse.com/security/cve/CVE-2014-0064", }, { category: "external", summary: "SUSE Bug 864851 for CVE-2014-0064", url: "https://bugzilla.suse.com/864851", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0064", url: "https://bugzilla.suse.com/864856", }, { category: "external", summary: "SUSE Bug 871307 for CVE-2014-0064", url: "https://bugzilla.suse.com/871307", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0064", }, { cve: "CVE-2014-0065", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0065", }, ], notes: [ { category: "general", text: "Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0065", url: "https://www.suse.com/security/cve/CVE-2014-0065", }, { category: "external", summary: "SUSE Bug 864852 for CVE-2014-0065", url: "https://bugzilla.suse.com/864852", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0065", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0065", }, { cve: "CVE-2014-0066", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0066", }, ], notes: [ { category: "general", text: "The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0066", url: "https://www.suse.com/security/cve/CVE-2014-0066", }, { category: "external", summary: "SUSE Bug 864853 for CVE-2014-0066", url: "https://bugzilla.suse.com/864853", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0066", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0066", }, { cve: "CVE-2014-0067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0067", }, ], notes: [ { category: "general", text: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0067", url: "https://www.suse.com/security/cve/CVE-2014-0067", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0067", url: "https://bugzilla.suse.com/864856", }, { category: "external", summary: "SUSE Bug 872783 for CVE-2014-0067", url: "https://bugzilla.suse.com/872783", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2014-0067", }, { cve: "CVE-2015-3165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3165", }, ], notes: [ { category: "general", text: "Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3165", url: "https://www.suse.com/security/cve/CVE-2015-3165", }, { category: "external", summary: "SUSE Bug 931972 for CVE-2015-3165", url: "https://bugzilla.suse.com/931972", }, { category: "external", summary: "SUSE Bug 931973 for CVE-2015-3165", url: "https://bugzilla.suse.com/931973", }, { category: "external", summary: "SUSE Bug 931974 for CVE-2015-3165", url: "https://bugzilla.suse.com/931974", }, { category: "external", summary: "SUSE Bug 932040 for CVE-2015-3165", url: "https://bugzilla.suse.com/932040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2015-3165", }, { cve: "CVE-2015-3166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3166", }, ], notes: [ { category: "general", text: "The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3166", url: "https://www.suse.com/security/cve/CVE-2015-3166", }, { category: "external", summary: "SUSE Bug 931972 for CVE-2015-3166", url: "https://bugzilla.suse.com/931972", }, { category: "external", summary: "SUSE Bug 931973 for CVE-2015-3166", url: "https://bugzilla.suse.com/931973", }, { category: "external", summary: "SUSE Bug 931974 for CVE-2015-3166", url: "https://bugzilla.suse.com/931974", }, { category: "external", summary: "SUSE Bug 932040 for CVE-2015-3166", url: "https://bugzilla.suse.com/932040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2015-3166", }, { cve: "CVE-2015-3167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3167", }, ], notes: [ { category: "general", text: "contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3167", url: "https://www.suse.com/security/cve/CVE-2015-3167", }, { category: "external", summary: "SUSE Bug 931972 for CVE-2015-3167", url: "https://bugzilla.suse.com/931972", }, { category: "external", summary: "SUSE Bug 931973 for CVE-2015-3167", url: "https://bugzilla.suse.com/931973", }, { category: "external", summary: "SUSE Bug 931974 for CVE-2015-3167", url: "https://bugzilla.suse.com/931974", }, { category: "external", summary: "SUSE Bug 932040 for CVE-2015-3167", url: "https://bugzilla.suse.com/932040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2015-3167", }, { cve: "CVE-2015-5288", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-5288", }, ], notes: [ { category: "general", text: "The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a \"too-short\" salt.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-5288", url: "https://www.suse.com/security/cve/CVE-2015-5288", }, { category: "external", summary: "SUSE Bug 949669 for CVE-2015-5288", url: "https://bugzilla.suse.com/949669", }, { category: "external", summary: "SUSE Bug 949670 for CVE-2015-5288", url: "https://bugzilla.suse.com/949670", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2015-5288", }, { cve: "CVE-2015-5289", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-5289", }, ], notes: [ { category: "general", text: "Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-5289", url: "https://www.suse.com/security/cve/CVE-2015-5289", }, { category: "external", summary: "SUSE Bug 949669 for CVE-2015-5289", url: "https://bugzilla.suse.com/949669", }, { category: "external", summary: "SUSE Bug 949670 for CVE-2015-5289", url: "https://bugzilla.suse.com/949670", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-5289", }, { cve: "CVE-2016-0766", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-0766", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-0766", url: "https://www.suse.com/security/cve/CVE-2016-0766", }, { category: "external", summary: "SUSE Bug 966435 for CVE-2016-0766", url: "https://bugzilla.suse.com/966435", }, { category: "external", summary: "SUSE Bug 966436 for CVE-2016-0766", url: "https://bugzilla.suse.com/966436", }, { category: "external", summary: "SUSE Bug 978323 for CVE-2016-0766", url: "https://bugzilla.suse.com/978323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-0766", }, { cve: "CVE-2016-0773", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-0773", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-0773", url: "https://www.suse.com/security/cve/CVE-2016-0773", }, { category: "external", summary: "SUSE Bug 966435 for CVE-2016-0773", url: "https://bugzilla.suse.com/966435", }, { category: "external", summary: "SUSE Bug 966436 for CVE-2016-0773", url: "https://bugzilla.suse.com/966436", }, { category: "external", summary: "SUSE Bug 978323 for CVE-2016-0773", url: "https://bugzilla.suse.com/978323", }, { category: "external", summary: "SUSE Bug 983246 for CVE-2016-0773", url: "https://bugzilla.suse.com/983246", }, { category: "external", summary: "SUSE Bug 986409 for CVE-2016-0773", url: "https://bugzilla.suse.com/986409", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-0773", }, { cve: "CVE-2016-2193", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2193", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.5.x before 9.5.2 does not properly maintain row-security status in cached plans, which might allow attackers to bypass intended access restrictions by leveraging a session that performs queries as more than one role.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2193", url: "https://www.suse.com/security/cve/CVE-2016-2193", }, { category: "external", summary: "SUSE Bug 978456 for CVE-2016-2193", url: "https://bugzilla.suse.com/978456", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2016-2193", }, { cve: "CVE-2016-3065", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-3065", }, ], notes: [ { category: "general", text: "The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-3065", url: "https://www.suse.com/security/cve/CVE-2016-3065", }, { category: "external", summary: "SUSE Bug 978456 for CVE-2016-3065", url: "https://bugzilla.suse.com/978456", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2016-3065", }, { cve: "CVE-2016-5423", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5423", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5423", url: "https://www.suse.com/security/cve/CVE-2016-5423", }, { category: "external", summary: "SUSE Bug 1041981 for CVE-2016-5423", url: "https://bugzilla.suse.com/1041981", }, { category: "external", summary: "SUSE Bug 1042497 for CVE-2016-5423", url: "https://bugzilla.suse.com/1042497", }, { category: "external", summary: "SUSE Bug 1052683 for CVE-2016-5423", url: "https://bugzilla.suse.com/1052683", }, { category: "external", summary: "SUSE Bug 993454 for CVE-2016-5423", url: "https://bugzilla.suse.com/993454", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-5423", }, { cve: "CVE-2016-5424", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5424", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) \" (double quote), (2) \\ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5424", url: "https://www.suse.com/security/cve/CVE-2016-5424", }, { category: "external", summary: "SUSE Bug 1041981 for CVE-2016-5424", url: "https://bugzilla.suse.com/1041981", }, { category: "external", summary: "SUSE Bug 1042497 for CVE-2016-5424", url: "https://bugzilla.suse.com/1042497", }, { category: "external", summary: "SUSE Bug 1052683 for CVE-2016-5424", url: "https://bugzilla.suse.com/1052683", }, { category: "external", summary: "SUSE Bug 993453 for CVE-2016-5424", url: "https://bugzilla.suse.com/993453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libecpg6-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-32bit-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.s390x", "openSUSE Tumbleweed:libpq5-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-contrib-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-devel-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-docs-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plperl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-plpython-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-pltcl-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-server-9.5.4-1.2.x86_64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.aarch64", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.ppc64le", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.s390x", "openSUSE Tumbleweed:postgresql95-test-9.5.4-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-5424", }, ], }
opensuse-su-2024:10256-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
postgresql93-9.3.15-1.1 on GA media
Notes
Title of the patch
postgresql93-9.3.15-1.1 on GA media
Description of the patch
These are all security issues fixed in the postgresql93-9.3.15-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10256
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "postgresql93-9.3.15-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the postgresql93-9.3.15-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10256", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10256-1.json", }, { category: "self", summary: "SUSE CVE CVE-2007-4772 page", url: "https://www.suse.com/security/cve/CVE-2007-4772/", }, { category: "self", summary: "SUSE CVE CVE-2007-6600 page", url: "https://www.suse.com/security/cve/CVE-2007-6600/", }, { category: "self", summary: "SUSE CVE CVE-2009-4034 page", url: "https://www.suse.com/security/cve/CVE-2009-4034/", }, { category: "self", summary: "SUSE CVE CVE-2009-4136 page", url: "https://www.suse.com/security/cve/CVE-2009-4136/", }, { category: "self", summary: "SUSE CVE CVE-2010-1169 page", url: "https://www.suse.com/security/cve/CVE-2010-1169/", }, { category: "self", summary: "SUSE CVE CVE-2010-1170 page", url: "https://www.suse.com/security/cve/CVE-2010-1170/", }, { category: "self", summary: "SUSE CVE CVE-2010-3433 page", url: "https://www.suse.com/security/cve/CVE-2010-3433/", }, { category: "self", summary: "SUSE CVE CVE-2012-0866 page", url: "https://www.suse.com/security/cve/CVE-2012-0866/", }, { category: "self", summary: "SUSE CVE CVE-2012-0867 page", url: "https://www.suse.com/security/cve/CVE-2012-0867/", }, { category: "self", summary: "SUSE CVE CVE-2012-0868 page", url: "https://www.suse.com/security/cve/CVE-2012-0868/", }, { category: "self", summary: "SUSE CVE CVE-2012-2143 page", url: "https://www.suse.com/security/cve/CVE-2012-2143/", }, { category: "self", summary: "SUSE CVE CVE-2012-2655 page", url: "https://www.suse.com/security/cve/CVE-2012-2655/", }, { category: "self", summary: "SUSE CVE CVE-2012-3488 page", url: "https://www.suse.com/security/cve/CVE-2012-3488/", }, { category: "self", summary: "SUSE CVE CVE-2012-3489 page", url: "https://www.suse.com/security/cve/CVE-2012-3489/", }, { category: "self", summary: "SUSE CVE CVE-2013-0255 page", url: "https://www.suse.com/security/cve/CVE-2013-0255/", }, { category: "self", summary: "SUSE CVE CVE-2013-1899 page", url: "https://www.suse.com/security/cve/CVE-2013-1899/", }, { category: "self", summary: "SUSE CVE CVE-2013-1900 page", url: "https://www.suse.com/security/cve/CVE-2013-1900/", }, { category: "self", summary: "SUSE CVE CVE-2013-1901 page", url: "https://www.suse.com/security/cve/CVE-2013-1901/", }, { category: "self", summary: "SUSE CVE CVE-2014-0060 page", url: "https://www.suse.com/security/cve/CVE-2014-0060/", }, { category: "self", summary: "SUSE CVE CVE-2014-0061 page", url: "https://www.suse.com/security/cve/CVE-2014-0061/", }, { category: "self", summary: "SUSE CVE CVE-2014-0062 page", url: "https://www.suse.com/security/cve/CVE-2014-0062/", }, { category: "self", summary: "SUSE CVE CVE-2014-0063 page", url: "https://www.suse.com/security/cve/CVE-2014-0063/", }, { category: "self", summary: "SUSE CVE CVE-2014-0064 page", url: "https://www.suse.com/security/cve/CVE-2014-0064/", }, { category: "self", summary: "SUSE CVE CVE-2014-0065 page", url: "https://www.suse.com/security/cve/CVE-2014-0065/", }, { category: "self", summary: "SUSE CVE CVE-2014-0066 page", url: "https://www.suse.com/security/cve/CVE-2014-0066/", }, { category: "self", summary: "SUSE CVE CVE-2014-0067 page", url: "https://www.suse.com/security/cve/CVE-2014-0067/", }, { category: "self", summary: "SUSE CVE CVE-2014-8161 page", url: "https://www.suse.com/security/cve/CVE-2014-8161/", }, { category: "self", summary: "SUSE CVE CVE-2015-0241 page", url: "https://www.suse.com/security/cve/CVE-2015-0241/", }, { category: "self", summary: "SUSE CVE CVE-2015-0242 page", url: "https://www.suse.com/security/cve/CVE-2015-0242/", }, { category: "self", summary: "SUSE CVE CVE-2015-0243 page", url: "https://www.suse.com/security/cve/CVE-2015-0243/", }, { category: "self", summary: "SUSE CVE CVE-2015-0244 page", url: "https://www.suse.com/security/cve/CVE-2015-0244/", }, { category: "self", summary: "SUSE CVE CVE-2015-3165 page", url: "https://www.suse.com/security/cve/CVE-2015-3165/", }, { category: "self", summary: "SUSE CVE CVE-2015-3166 page", url: "https://www.suse.com/security/cve/CVE-2015-3166/", }, { category: "self", summary: "SUSE CVE CVE-2015-3167 page", url: "https://www.suse.com/security/cve/CVE-2015-3167/", }, { category: "self", summary: "SUSE CVE CVE-2015-5288 page", url: "https://www.suse.com/security/cve/CVE-2015-5288/", }, { category: "self", summary: "SUSE CVE CVE-2015-5289 page", url: "https://www.suse.com/security/cve/CVE-2015-5289/", }, { category: "self", summary: "SUSE CVE CVE-2016-0766 page", url: "https://www.suse.com/security/cve/CVE-2016-0766/", }, { category: "self", summary: "SUSE CVE CVE-2016-0773 page", url: "https://www.suse.com/security/cve/CVE-2016-0773/", }, { category: "self", summary: "SUSE CVE CVE-2016-5423 page", url: "https://www.suse.com/security/cve/CVE-2016-5423/", }, { category: "self", summary: "SUSE CVE CVE-2016-5424 page", url: "https://www.suse.com/security/cve/CVE-2016-5424/", }, ], title: "postgresql93-9.3.15-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10256-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "postgresql93-9.3.15-1.1.aarch64", product: { name: "postgresql93-9.3.15-1.1.aarch64", product_id: "postgresql93-9.3.15-1.1.aarch64", }, }, { category: "product_version", name: "postgresql93-contrib-9.3.15-1.1.aarch64", product: { name: "postgresql93-contrib-9.3.15-1.1.aarch64", product_id: "postgresql93-contrib-9.3.15-1.1.aarch64", }, }, { category: "product_version", name: "postgresql93-devel-9.3.15-1.1.aarch64", product: { name: "postgresql93-devel-9.3.15-1.1.aarch64", product_id: "postgresql93-devel-9.3.15-1.1.aarch64", }, }, { category: "product_version", name: "postgresql93-docs-9.3.15-1.1.aarch64", product: { name: "postgresql93-docs-9.3.15-1.1.aarch64", product_id: "postgresql93-docs-9.3.15-1.1.aarch64", }, }, { category: "product_version", name: "postgresql93-plperl-9.3.15-1.1.aarch64", product: { name: "postgresql93-plperl-9.3.15-1.1.aarch64", product_id: "postgresql93-plperl-9.3.15-1.1.aarch64", }, }, { category: "product_version", name: "postgresql93-plpython-9.3.15-1.1.aarch64", product: { name: "postgresql93-plpython-9.3.15-1.1.aarch64", product_id: "postgresql93-plpython-9.3.15-1.1.aarch64", }, }, { category: "product_version", name: "postgresql93-pltcl-9.3.15-1.1.aarch64", product: { name: "postgresql93-pltcl-9.3.15-1.1.aarch64", product_id: "postgresql93-pltcl-9.3.15-1.1.aarch64", }, }, { category: "product_version", name: "postgresql93-server-9.3.15-1.1.aarch64", product: { name: "postgresql93-server-9.3.15-1.1.aarch64", product_id: "postgresql93-server-9.3.15-1.1.aarch64", }, }, { category: "product_version", name: "postgresql93-test-9.3.15-1.1.aarch64", product: { name: "postgresql93-test-9.3.15-1.1.aarch64", product_id: "postgresql93-test-9.3.15-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "postgresql93-9.3.15-1.1.ppc64le", product: { name: "postgresql93-9.3.15-1.1.ppc64le", product_id: "postgresql93-9.3.15-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql93-contrib-9.3.15-1.1.ppc64le", product: { name: "postgresql93-contrib-9.3.15-1.1.ppc64le", product_id: "postgresql93-contrib-9.3.15-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql93-devel-9.3.15-1.1.ppc64le", product: { name: "postgresql93-devel-9.3.15-1.1.ppc64le", product_id: "postgresql93-devel-9.3.15-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql93-docs-9.3.15-1.1.ppc64le", product: { name: "postgresql93-docs-9.3.15-1.1.ppc64le", product_id: "postgresql93-docs-9.3.15-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql93-plperl-9.3.15-1.1.ppc64le", product: { name: "postgresql93-plperl-9.3.15-1.1.ppc64le", product_id: "postgresql93-plperl-9.3.15-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql93-plpython-9.3.15-1.1.ppc64le", product: { name: "postgresql93-plpython-9.3.15-1.1.ppc64le", product_id: "postgresql93-plpython-9.3.15-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql93-pltcl-9.3.15-1.1.ppc64le", product: { name: "postgresql93-pltcl-9.3.15-1.1.ppc64le", product_id: "postgresql93-pltcl-9.3.15-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql93-server-9.3.15-1.1.ppc64le", product: { name: "postgresql93-server-9.3.15-1.1.ppc64le", product_id: "postgresql93-server-9.3.15-1.1.ppc64le", }, }, { category: "product_version", name: "postgresql93-test-9.3.15-1.1.ppc64le", product: { name: "postgresql93-test-9.3.15-1.1.ppc64le", product_id: "postgresql93-test-9.3.15-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "postgresql93-9.3.15-1.1.s390x", product: { name: "postgresql93-9.3.15-1.1.s390x", product_id: "postgresql93-9.3.15-1.1.s390x", }, }, { category: "product_version", name: "postgresql93-contrib-9.3.15-1.1.s390x", product: { name: "postgresql93-contrib-9.3.15-1.1.s390x", product_id: "postgresql93-contrib-9.3.15-1.1.s390x", }, }, { category: "product_version", name: "postgresql93-devel-9.3.15-1.1.s390x", product: { name: "postgresql93-devel-9.3.15-1.1.s390x", product_id: "postgresql93-devel-9.3.15-1.1.s390x", }, }, { category: "product_version", name: "postgresql93-docs-9.3.15-1.1.s390x", product: { name: "postgresql93-docs-9.3.15-1.1.s390x", product_id: "postgresql93-docs-9.3.15-1.1.s390x", }, }, { category: "product_version", name: "postgresql93-plperl-9.3.15-1.1.s390x", product: { name: "postgresql93-plperl-9.3.15-1.1.s390x", product_id: "postgresql93-plperl-9.3.15-1.1.s390x", }, }, { category: "product_version", name: "postgresql93-plpython-9.3.15-1.1.s390x", product: { name: "postgresql93-plpython-9.3.15-1.1.s390x", product_id: "postgresql93-plpython-9.3.15-1.1.s390x", }, }, { category: "product_version", name: "postgresql93-pltcl-9.3.15-1.1.s390x", product: { name: "postgresql93-pltcl-9.3.15-1.1.s390x", product_id: "postgresql93-pltcl-9.3.15-1.1.s390x", }, }, { category: "product_version", name: "postgresql93-server-9.3.15-1.1.s390x", product: { name: "postgresql93-server-9.3.15-1.1.s390x", product_id: "postgresql93-server-9.3.15-1.1.s390x", }, }, { category: "product_version", name: "postgresql93-test-9.3.15-1.1.s390x", product: { name: "postgresql93-test-9.3.15-1.1.s390x", product_id: "postgresql93-test-9.3.15-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "postgresql93-9.3.15-1.1.x86_64", product: { name: "postgresql93-9.3.15-1.1.x86_64", product_id: "postgresql93-9.3.15-1.1.x86_64", }, }, { category: "product_version", name: "postgresql93-contrib-9.3.15-1.1.x86_64", product: { name: "postgresql93-contrib-9.3.15-1.1.x86_64", product_id: "postgresql93-contrib-9.3.15-1.1.x86_64", }, }, { category: "product_version", name: "postgresql93-devel-9.3.15-1.1.x86_64", product: { name: "postgresql93-devel-9.3.15-1.1.x86_64", product_id: "postgresql93-devel-9.3.15-1.1.x86_64", }, }, { category: "product_version", name: "postgresql93-docs-9.3.15-1.1.x86_64", product: { name: "postgresql93-docs-9.3.15-1.1.x86_64", product_id: "postgresql93-docs-9.3.15-1.1.x86_64", }, }, { category: "product_version", name: "postgresql93-plperl-9.3.15-1.1.x86_64", product: { name: "postgresql93-plperl-9.3.15-1.1.x86_64", product_id: "postgresql93-plperl-9.3.15-1.1.x86_64", }, }, { category: "product_version", name: "postgresql93-plpython-9.3.15-1.1.x86_64", product: { name: "postgresql93-plpython-9.3.15-1.1.x86_64", product_id: "postgresql93-plpython-9.3.15-1.1.x86_64", }, }, { category: "product_version", name: "postgresql93-pltcl-9.3.15-1.1.x86_64", product: { name: "postgresql93-pltcl-9.3.15-1.1.x86_64", product_id: "postgresql93-pltcl-9.3.15-1.1.x86_64", }, }, { category: "product_version", name: "postgresql93-server-9.3.15-1.1.x86_64", product: { name: "postgresql93-server-9.3.15-1.1.x86_64", product_id: "postgresql93-server-9.3.15-1.1.x86_64", }, }, { category: "product_version", name: "postgresql93-test-9.3.15-1.1.x86_64", product: { name: "postgresql93-test-9.3.15-1.1.x86_64", product_id: "postgresql93-test-9.3.15-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "postgresql93-9.3.15-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", }, product_reference: "postgresql93-9.3.15-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-9.3.15-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", }, product_reference: "postgresql93-9.3.15-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-9.3.15-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", }, product_reference: "postgresql93-9.3.15-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-9.3.15-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", }, product_reference: "postgresql93-9.3.15-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-contrib-9.3.15-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", }, product_reference: "postgresql93-contrib-9.3.15-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-contrib-9.3.15-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", }, product_reference: "postgresql93-contrib-9.3.15-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-contrib-9.3.15-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", }, product_reference: "postgresql93-contrib-9.3.15-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-contrib-9.3.15-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", }, product_reference: "postgresql93-contrib-9.3.15-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-devel-9.3.15-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", }, product_reference: "postgresql93-devel-9.3.15-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-devel-9.3.15-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", }, product_reference: "postgresql93-devel-9.3.15-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-devel-9.3.15-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", }, product_reference: "postgresql93-devel-9.3.15-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-devel-9.3.15-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", }, product_reference: "postgresql93-devel-9.3.15-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-docs-9.3.15-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", }, product_reference: "postgresql93-docs-9.3.15-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-docs-9.3.15-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", }, product_reference: "postgresql93-docs-9.3.15-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-docs-9.3.15-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", }, product_reference: "postgresql93-docs-9.3.15-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-docs-9.3.15-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", }, product_reference: "postgresql93-docs-9.3.15-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-plperl-9.3.15-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", }, product_reference: "postgresql93-plperl-9.3.15-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-plperl-9.3.15-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", }, product_reference: "postgresql93-plperl-9.3.15-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-plperl-9.3.15-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", }, product_reference: "postgresql93-plperl-9.3.15-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-plperl-9.3.15-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", }, product_reference: "postgresql93-plperl-9.3.15-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-plpython-9.3.15-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", }, product_reference: "postgresql93-plpython-9.3.15-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-plpython-9.3.15-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", }, product_reference: "postgresql93-plpython-9.3.15-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-plpython-9.3.15-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", }, product_reference: "postgresql93-plpython-9.3.15-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-plpython-9.3.15-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", }, product_reference: "postgresql93-plpython-9.3.15-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-pltcl-9.3.15-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", }, product_reference: "postgresql93-pltcl-9.3.15-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-pltcl-9.3.15-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", }, product_reference: "postgresql93-pltcl-9.3.15-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-pltcl-9.3.15-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", }, product_reference: "postgresql93-pltcl-9.3.15-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-pltcl-9.3.15-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", }, product_reference: "postgresql93-pltcl-9.3.15-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-server-9.3.15-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", }, product_reference: "postgresql93-server-9.3.15-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-server-9.3.15-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", }, product_reference: "postgresql93-server-9.3.15-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-server-9.3.15-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", }, product_reference: "postgresql93-server-9.3.15-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-server-9.3.15-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", }, product_reference: "postgresql93-server-9.3.15-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-test-9.3.15-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", }, product_reference: "postgresql93-test-9.3.15-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-test-9.3.15-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", }, product_reference: "postgresql93-test-9.3.15-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-test-9.3.15-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", }, product_reference: "postgresql93-test-9.3.15-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "postgresql93-test-9.3.15-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", }, product_reference: "postgresql93-test-9.3.15-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2007-4772", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-4772", }, ], notes: [ { category: "general", text: "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-4772", url: "https://www.suse.com/security/cve/CVE-2007-4772", }, { category: "external", summary: "SUSE Bug 329282 for CVE-2007-4772", url: "https://bugzilla.suse.com/329282", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2007-4772", }, { cve: "CVE-2007-6600", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2007-6600", }, ], notes: [ { category: "general", text: "PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3) SET ROLE and (4) SET SESSION AUTHORIZATION within index functions, which allows remote authenticated users to gain privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2007-6600", url: "https://www.suse.com/security/cve/CVE-2007-6600", }, { category: "external", summary: "SUSE Bug 329282 for CVE-2007-6600", url: "https://bugzilla.suse.com/329282", }, { category: "external", summary: "SUSE Bug 537706 for CVE-2007-6600", url: "https://bugzilla.suse.com/537706", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2007-6600", }, { cve: "CVE-2009-4034", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-4034", }, ], notes: [ { category: "general", text: "PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-4034", url: "https://www.suse.com/security/cve/CVE-2009-4034", }, { category: "external", summary: "SUSE Bug 564710 for CVE-2009-4034", url: "https://bugzilla.suse.com/564710", }, { category: "external", summary: "SUSE Bug 603968 for CVE-2009-4034", url: "https://bugzilla.suse.com/603968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-4034", }, { cve: "CVE-2009-4136", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-4136", }, ], notes: [ { category: "general", text: "PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-4136", url: "https://www.suse.com/security/cve/CVE-2009-4136", }, { category: "external", summary: "SUSE Bug 564360 for CVE-2009-4136", url: "https://bugzilla.suse.com/564360", }, { category: "external", summary: "SUSE Bug 603969 for CVE-2009-4136", url: "https://bugzilla.suse.com/603969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-4136", }, { cve: "CVE-2010-1169", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-1169", }, ], notes: [ { category: "general", text: "PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-1169", url: "https://www.suse.com/security/cve/CVE-2010-1169", }, { category: "external", summary: "SUSE Bug 605926 for CVE-2010-1169", url: "https://bugzilla.suse.com/605926", }, { category: "external", summary: "SUSE Bug 648140 for CVE-2010-1169", url: "https://bugzilla.suse.com/648140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2010-1169", }, { cve: "CVE-2010-1170", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-1170", }, ], notes: [ { category: "general", text: "The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-1170", url: "https://www.suse.com/security/cve/CVE-2010-1170", }, { category: "external", summary: "SUSE Bug 605845 for CVE-2010-1170", url: "https://bugzilla.suse.com/605845", }, { category: "external", summary: "SUSE Bug 605926 for CVE-2010-1170", url: "https://bugzilla.suse.com/605926", }, { category: "external", summary: "SUSE Bug 634562 for CVE-2010-1170", url: "https://bugzilla.suse.com/634562", }, { category: "external", summary: "SUSE Bug 648140 for CVE-2010-1170", url: "https://bugzilla.suse.com/648140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-1170", }, { cve: "CVE-2010-3433", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-3433", }, ], notes: [ { category: "general", text: "The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-3433", url: "https://www.suse.com/security/cve/CVE-2010-3433", }, { category: "external", summary: "SUSE Bug 643771 for CVE-2010-3433", url: "https://bugzilla.suse.com/643771", }, { category: "external", summary: "SUSE Bug 648140 for CVE-2010-3433", url: "https://bugzilla.suse.com/648140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-3433", }, { cve: "CVE-2012-0866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0866", }, ], notes: [ { category: "general", text: "CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to execute otherwise restricted triggers on arbitrary data by installing the trigger on an attacker-owned table.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-0866", url: "https://www.suse.com/security/cve/CVE-2012-0866", }, { category: "external", summary: "SUSE Bug 701489 for CVE-2012-0866", url: "https://bugzilla.suse.com/701489", }, { category: "external", summary: "SUSE Bug 749299 for CVE-2012-0866", url: "https://bugzilla.suse.com/749299", }, { category: "external", summary: "SUSE Bug 749301 for CVE-2012-0866", url: "https://bugzilla.suse.com/749301", }, { category: "external", summary: "SUSE Bug 749303 for CVE-2012-0866", url: "https://bugzilla.suse.com/749303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-0866", }, { cve: "CVE-2012-0867", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0867", }, ], notes: [ { category: "general", text: "PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-0867", url: "https://www.suse.com/security/cve/CVE-2012-0867", }, { category: "external", summary: "SUSE Bug 701489 for CVE-2012-0867", url: "https://bugzilla.suse.com/701489", }, { category: "external", summary: "SUSE Bug 749299 for CVE-2012-0867", url: "https://bugzilla.suse.com/749299", }, { category: "external", summary: "SUSE Bug 749301 for CVE-2012-0867", url: "https://bugzilla.suse.com/749301", }, { category: "external", summary: "SUSE Bug 749303 for CVE-2012-0867", url: "https://bugzilla.suse.com/749303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-0867", }, { cve: "CVE-2012-0868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-0868", }, ], notes: [ { category: "general", text: "CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-0868", url: "https://www.suse.com/security/cve/CVE-2012-0868", }, { category: "external", summary: "SUSE Bug 701489 for CVE-2012-0868", url: "https://bugzilla.suse.com/701489", }, { category: "external", summary: "SUSE Bug 749299 for CVE-2012-0868", url: "https://bugzilla.suse.com/749299", }, { category: "external", summary: "SUSE Bug 749301 for CVE-2012-0868", url: "https://bugzilla.suse.com/749301", }, { category: "external", summary: "SUSE Bug 749303 for CVE-2012-0868", url: "https://bugzilla.suse.com/749303", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-0868", }, { cve: "CVE-2012-2143", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-2143", }, ], notes: [ { category: "general", text: "The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-2143", url: "https://www.suse.com/security/cve/CVE-2012-2143", }, { category: "external", summary: "SUSE Bug 766797 for CVE-2012-2143", url: "https://bugzilla.suse.com/766797", }, { category: "external", summary: "SUSE Bug 766798 for CVE-2012-2143", url: "https://bugzilla.suse.com/766798", }, { category: "external", summary: "SUSE Bug 766799 for CVE-2012-2143", url: "https://bugzilla.suse.com/766799", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-2143", }, { cve: "CVE-2012-2655", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-2655", }, ], notes: [ { category: "general", text: "PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-2655", url: "https://www.suse.com/security/cve/CVE-2012-2655", }, { category: "external", summary: "SUSE Bug 765069 for CVE-2012-2655", url: "https://bugzilla.suse.com/765069", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-2655", }, { cve: "CVE-2012-3488", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-3488", }, ], notes: [ { category: "general", text: "The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-3488", url: "https://www.suse.com/security/cve/CVE-2012-3488", }, { category: "external", summary: "SUSE Bug 776523 for CVE-2012-3488", url: "https://bugzilla.suse.com/776523", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-3488", }, { cve: "CVE-2012-3489", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-3489", }, ], notes: [ { category: "general", text: "The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-3489", url: "https://www.suse.com/security/cve/CVE-2012-3489", }, { category: "external", summary: "SUSE Bug 776524 for CVE-2012-3489", url: "https://bugzilla.suse.com/776524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-3489", }, { cve: "CVE-2013-0255", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-0255", }, ], notes: [ { category: "general", text: "PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-0255", url: "https://www.suse.com/security/cve/CVE-2013-0255", }, { category: "external", summary: "SUSE Bug 802679 for CVE-2013-0255", url: "https://bugzilla.suse.com/802679", }, { category: "external", summary: "SUSE Bug 803057 for CVE-2013-0255", url: "https://bugzilla.suse.com/803057", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-0255", }, { cve: "CVE-2013-1899", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1899", }, ], notes: [ { category: "general", text: "Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a \"-\" (hyphen).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1899", url: "https://www.suse.com/security/cve/CVE-2013-1899", }, { category: "external", summary: "SUSE Bug 812525 for CVE-2013-1899", url: "https://bugzilla.suse.com/812525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-1899", }, { cve: "CVE-2013-1900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1900", }, ], notes: [ { category: "general", text: "PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the \"contrib/pgcrypto functions.\"", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1900", url: "https://www.suse.com/security/cve/CVE-2013-1900", }, { category: "external", summary: "SUSE Bug 812525 for CVE-2013-1900", url: "https://bugzilla.suse.com/812525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-1900", }, { cve: "CVE-2013-1901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1901", }, ], notes: [ { category: "general", text: "PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1901", url: "https://www.suse.com/security/cve/CVE-2013-1901", }, { category: "external", summary: "SUSE Bug 812525 for CVE-2013-1901", url: "https://bugzilla.suse.com/812525", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-1901", }, { cve: "CVE-2014-0060", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0060", }, ], notes: [ { category: "general", text: "PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0060", url: "https://www.suse.com/security/cve/CVE-2014-0060", }, { category: "external", summary: "SUSE Bug 864845 for CVE-2014-0060", url: "https://bugzilla.suse.com/864845", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0060", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2014-0060", }, { cve: "CVE-2014-0061", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0061", }, ], notes: [ { category: "general", text: "The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0061", url: "https://www.suse.com/security/cve/CVE-2014-0061", }, { category: "external", summary: "SUSE Bug 864846 for CVE-2014-0061", url: "https://bugzilla.suse.com/864846", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0061", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0061", }, { cve: "CVE-2014-0062", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0062", }, ], notes: [ { category: "general", text: "Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0062", url: "https://www.suse.com/security/cve/CVE-2014-0062", }, { category: "external", summary: "SUSE Bug 864847 for CVE-2014-0062", url: "https://bugzilla.suse.com/864847", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0062", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0062", }, { cve: "CVE-2014-0063", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0063", }, ], notes: [ { category: "general", text: "Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0063", url: "https://www.suse.com/security/cve/CVE-2014-0063", }, { category: "external", summary: "SUSE Bug 864850 for CVE-2014-0063", url: "https://bugzilla.suse.com/864850", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0063", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0063", }, { cve: "CVE-2014-0064", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0064", }, ], notes: [ { category: "general", text: "Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0064", url: "https://www.suse.com/security/cve/CVE-2014-0064", }, { category: "external", summary: "SUSE Bug 864851 for CVE-2014-0064", url: "https://bugzilla.suse.com/864851", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0064", url: "https://bugzilla.suse.com/864856", }, { category: "external", summary: "SUSE Bug 871307 for CVE-2014-0064", url: "https://bugzilla.suse.com/871307", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0064", }, { cve: "CVE-2014-0065", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0065", }, ], notes: [ { category: "general", text: "Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0065", url: "https://www.suse.com/security/cve/CVE-2014-0065", }, { category: "external", summary: "SUSE Bug 864852 for CVE-2014-0065", url: "https://bugzilla.suse.com/864852", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0065", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0065", }, { cve: "CVE-2014-0066", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0066", }, ], notes: [ { category: "general", text: "The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0066", url: "https://www.suse.com/security/cve/CVE-2014-0066", }, { category: "external", summary: "SUSE Bug 864853 for CVE-2014-0066", url: "https://bugzilla.suse.com/864853", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0066", url: "https://bugzilla.suse.com/864856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-0066", }, { cve: "CVE-2014-0067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-0067", }, ], notes: [ { category: "general", text: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-0067", url: "https://www.suse.com/security/cve/CVE-2014-0067", }, { category: "external", summary: "SUSE Bug 864856 for CVE-2014-0067", url: "https://bugzilla.suse.com/864856", }, { category: "external", summary: "SUSE Bug 872783 for CVE-2014-0067", url: "https://bugzilla.suse.com/872783", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2014-0067", }, { cve: "CVE-2014-8161", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8161", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8161", url: "https://www.suse.com/security/cve/CVE-2014-8161", }, { category: "external", summary: "SUSE Bug 916953 for CVE-2014-8161", url: "https://bugzilla.suse.com/916953", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-8161", }, { cve: "CVE-2015-0241", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0241", }, ], notes: [ { category: "general", text: "The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0241", url: "https://www.suse.com/security/cve/CVE-2015-0241", }, { category: "external", summary: "SUSE Bug 916953 for CVE-2015-0241", url: "https://bugzilla.suse.com/916953", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0241", }, { cve: "CVE-2015-0242", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0242", }, ], notes: [ { category: "general", text: "Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a floating point number with a large precision, as demonstrated by using the to_char function.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0242", url: "https://www.suse.com/security/cve/CVE-2015-0242", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0242", }, { cve: "CVE-2015-0243", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0243", }, ], notes: [ { category: "general", text: "Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0243", url: "https://www.suse.com/security/cve/CVE-2015-0243", }, { category: "external", summary: "SUSE Bug 916953 for CVE-2015-0243", url: "https://bugzilla.suse.com/916953", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0243", }, { cve: "CVE-2015-0244", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0244", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0244", url: "https://www.suse.com/security/cve/CVE-2015-0244", }, { category: "external", summary: "SUSE Bug 916953 for CVE-2015-0244", url: "https://bugzilla.suse.com/916953", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0244", }, { cve: "CVE-2015-3165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3165", }, ], notes: [ { category: "general", text: "Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3165", url: "https://www.suse.com/security/cve/CVE-2015-3165", }, { category: "external", summary: "SUSE Bug 931972 for CVE-2015-3165", url: "https://bugzilla.suse.com/931972", }, { category: "external", summary: "SUSE Bug 931973 for CVE-2015-3165", url: "https://bugzilla.suse.com/931973", }, { category: "external", summary: "SUSE Bug 931974 for CVE-2015-3165", url: "https://bugzilla.suse.com/931974", }, { category: "external", summary: "SUSE Bug 932040 for CVE-2015-3165", url: "https://bugzilla.suse.com/932040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2015-3165", }, { cve: "CVE-2015-3166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3166", }, ], notes: [ { category: "general", text: "The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3166", url: "https://www.suse.com/security/cve/CVE-2015-3166", }, { category: "external", summary: "SUSE Bug 931972 for CVE-2015-3166", url: "https://bugzilla.suse.com/931972", }, { category: "external", summary: "SUSE Bug 931973 for CVE-2015-3166", url: "https://bugzilla.suse.com/931973", }, { category: "external", summary: "SUSE Bug 931974 for CVE-2015-3166", url: "https://bugzilla.suse.com/931974", }, { category: "external", summary: "SUSE Bug 932040 for CVE-2015-3166", url: "https://bugzilla.suse.com/932040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2015-3166", }, { cve: "CVE-2015-3167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3167", }, ], notes: [ { category: "general", text: "contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3167", url: "https://www.suse.com/security/cve/CVE-2015-3167", }, { category: "external", summary: "SUSE Bug 931972 for CVE-2015-3167", url: "https://bugzilla.suse.com/931972", }, { category: "external", summary: "SUSE Bug 931973 for CVE-2015-3167", url: "https://bugzilla.suse.com/931973", }, { category: "external", summary: "SUSE Bug 931974 for CVE-2015-3167", url: "https://bugzilla.suse.com/931974", }, { category: "external", summary: "SUSE Bug 932040 for CVE-2015-3167", url: "https://bugzilla.suse.com/932040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2015-3167", }, { cve: "CVE-2015-5288", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-5288", }, ], notes: [ { category: "general", text: "The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a \"too-short\" salt.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-5288", url: "https://www.suse.com/security/cve/CVE-2015-5288", }, { category: "external", summary: "SUSE Bug 949669 for CVE-2015-5288", url: "https://bugzilla.suse.com/949669", }, { category: "external", summary: "SUSE Bug 949670 for CVE-2015-5288", url: "https://bugzilla.suse.com/949670", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2015-5288", }, { cve: "CVE-2015-5289", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-5289", }, ], notes: [ { category: "general", text: "Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-5289", url: "https://www.suse.com/security/cve/CVE-2015-5289", }, { category: "external", summary: "SUSE Bug 949669 for CVE-2015-5289", url: "https://bugzilla.suse.com/949669", }, { category: "external", summary: "SUSE Bug 949670 for CVE-2015-5289", url: "https://bugzilla.suse.com/949670", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-5289", }, { cve: "CVE-2016-0766", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-0766", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-0766", url: "https://www.suse.com/security/cve/CVE-2016-0766", }, { category: "external", summary: "SUSE Bug 966435 for CVE-2016-0766", url: "https://bugzilla.suse.com/966435", }, { category: "external", summary: "SUSE Bug 966436 for CVE-2016-0766", url: "https://bugzilla.suse.com/966436", }, { category: "external", summary: "SUSE Bug 978323 for CVE-2016-0766", url: "https://bugzilla.suse.com/978323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-0766", }, { cve: "CVE-2016-0773", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-0773", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-0773", url: "https://www.suse.com/security/cve/CVE-2016-0773", }, { category: "external", summary: "SUSE Bug 966435 for CVE-2016-0773", url: "https://bugzilla.suse.com/966435", }, { category: "external", summary: "SUSE Bug 966436 for CVE-2016-0773", url: "https://bugzilla.suse.com/966436", }, { category: "external", summary: "SUSE Bug 978323 for CVE-2016-0773", url: "https://bugzilla.suse.com/978323", }, { category: "external", summary: "SUSE Bug 983246 for CVE-2016-0773", url: "https://bugzilla.suse.com/983246", }, { category: "external", summary: "SUSE Bug 986409 for CVE-2016-0773", url: "https://bugzilla.suse.com/986409", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-0773", }, { cve: "CVE-2016-5423", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5423", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5423", url: "https://www.suse.com/security/cve/CVE-2016-5423", }, { category: "external", summary: "SUSE Bug 1041981 for CVE-2016-5423", url: "https://bugzilla.suse.com/1041981", }, { category: "external", summary: "SUSE Bug 1042497 for CVE-2016-5423", url: "https://bugzilla.suse.com/1042497", }, { category: "external", summary: "SUSE Bug 1052683 for CVE-2016-5423", url: "https://bugzilla.suse.com/1052683", }, { category: "external", summary: "SUSE Bug 993454 for CVE-2016-5423", url: "https://bugzilla.suse.com/993454", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-5423", }, { cve: "CVE-2016-5424", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5424", }, ], notes: [ { category: "general", text: "PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) \" (double quote), (2) \\ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5424", url: "https://www.suse.com/security/cve/CVE-2016-5424", }, { category: "external", summary: "SUSE Bug 1041981 for CVE-2016-5424", url: "https://bugzilla.suse.com/1041981", }, { category: "external", summary: "SUSE Bug 1042497 for CVE-2016-5424", url: "https://bugzilla.suse.com/1042497", }, { category: "external", summary: "SUSE Bug 1052683 for CVE-2016-5424", url: "https://bugzilla.suse.com/1052683", }, { category: "external", summary: "SUSE Bug 993453 for CVE-2016-5424", url: "https://bugzilla.suse.com/993453", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-contrib-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-devel-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-docs-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plperl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-plpython-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-pltcl-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-server-9.3.15-1.1.x86_64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.aarch64", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.ppc64le", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.s390x", "openSUSE Tumbleweed:postgresql93-test-9.3.15-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-5424", }, ], }
ghsa-gmhx-6jh3-87c2
Vulnerability from github
Published
2022-05-17 00:14
Modified
2025-04-12 12:32
Details
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
{ affected: [], aliases: [ "CVE-2014-0067", ], database_specific: { cwe_ids: [], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2014-03-31T14:58:00Z", severity: "MODERATE", }, details: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", id: "GHSA-gmhx-6jh3-87c2", modified: "2025-04-12T12:32:04Z", published: "2022-05-17T00:14:03Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2014-0067", }, { type: "WEB", url: "https://support.apple.com/HT205219", }, { type: "WEB", url: "https://support.apple.com/kb/HT205031", }, { type: "WEB", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { type: "WEB", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html", }, { type: "WEB", url: "http://wiki.postgresql.org/wiki/20140220securityrelease", }, { type: "WEB", url: "http://www.debian.org/security/2014/dsa-2864", }, { type: "WEB", url: "http://www.debian.org/security/2014/dsa-2865", }, { type: "WEB", url: "http://www.postgresql.org/about/news/1506", }, { type: "WEB", url: "http://www.securityfocus.com/bid/65721", }, ], schema_version: "1.4.0", severity: [], }
gsd-2014-0067
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
Aliases
Aliases
{ GSD: { alias: "CVE-2014-0067", description: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", id: "GSD-2014-0067", references: [ "https://www.suse.com/security/cve/CVE-2014-0067.html", "https://www.debian.org/security/2014/dsa-2864", "https://www.debian.org/security/2014/dsa-2865", "https://advisories.mageia.org/CVE-2014-0067.html", "https://alas.aws.amazon.com/cve/html/CVE-2014-0067.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2014-0067", ], details: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", id: "GSD-2014-0067", modified: "2023-12-13T01:22:44.004294Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-0067", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_affected: "=", version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", refsource: "MISC", url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", refsource: "MISC", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", }, { name: "https://support.apple.com/HT205219", refsource: "MISC", url: "https://support.apple.com/HT205219", }, { name: "https://support.apple.com/kb/HT205031", refsource: "MISC", url: "https://support.apple.com/kb/HT205031", }, { name: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html", refsource: "MISC", url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html", }, { name: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html", refsource: "MISC", url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html", }, { name: "http://wiki.postgresql.org/wiki/20140220securityrelease", refsource: "MISC", url: "http://wiki.postgresql.org/wiki/20140220securityrelease", }, { name: "http://www.debian.org/security/2014/dsa-2864", refsource: "MISC", url: "http://www.debian.org/security/2014/dsa-2864", }, { name: "http://www.debian.org/security/2014/dsa-2865", refsource: "MISC", url: "http://www.debian.org/security/2014/dsa-2865", }, { name: "http://www.postgresql.org/about/news/1506/", refsource: "MISC", url: "http://www.postgresql.org/about/news/1506/", }, { name: "http://www.securityfocus.com/bid/65721", refsource: "MISC", url: "http://www.securityfocus.com/bid/65721", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:apple:mac_os_x_server:5.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.16:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "8.4.19", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.18:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.17:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:8.4.14:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.1.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:postgresql:postgresql:9.0.15:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2014-0067", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "DSA-2864", refsource: "DEBIAN", tags: [], url: "http://www.debian.org/security/2014/dsa-2864", }, { name: "http://wiki.postgresql.org/wiki/20140220securityrelease", refsource: "CONFIRM", tags: [ "Vendor Advisory", ], url: "http://wiki.postgresql.org/wiki/20140220securityrelease", }, { name: "http://www.postgresql.org/about/news/1506/", refsource: "CONFIRM", tags: [], url: "http://www.postgresql.org/about/news/1506/", }, { name: "DSA-2865", refsource: "DEBIAN", tags: [], url: "http://www.debian.org/security/2014/dsa-2865", }, { name: "APPLE-SA-2015-08-13-2", refsource: "APPLE", tags: [], url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { name: "https://support.apple.com/kb/HT205031", refsource: "CONFIRM", tags: [], url: "https://support.apple.com/kb/HT205031", }, { name: "APPLE-SA-2015-09-16-4", refsource: "APPLE", tags: [], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", }, { name: "https://support.apple.com/HT205219", refsource: "CONFIRM", tags: [], url: "https://support.apple.com/HT205219", }, { name: "65721", refsource: "BID", tags: [], url: "http://www.securityfocus.com/bid/65721", }, { name: "openSUSE-SU-2014:0368", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html", }, { name: "openSUSE-SU-2014:0345", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, }, lastModifiedDate: "2017-12-16T02:29Z", publishedDate: "2014-03-31T14:58Z", }, }, }
ncsc-2025-0041
Vulnerability from csaf_ncscnl
Published
2025-02-07 07:38
Modified
2025-02-11 06:51
Summary
Kwetsbaarheden verholpen in F5 BIG-IP
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
F5 heeft kwetsbaarheden verholpen in BIG-IP.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Omzeilen van een beveiligingsmaatregel
- Uitvoer van willekeurige code (Root/admin)
- Uitvoer van willekeurige code (Gebruiker)
- Toegang tot gevoelige gegevens
Oplossingen
F5 heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-772
Missing Release of Resource after Effective Lifetime
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-311
Missing Encryption of Sensitive Data
CWE-426
Untrusted Search Path
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-190
Integer Overflow or Wraparound
CWE-693
Protection Mechanism Failure
CWE-125
Out-of-bounds Read
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-400
Uncontrolled Resource Consumption
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-20
Improper Input Validation
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "F5 heeft kwetsbaarheden verholpen in BIG-IP.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Omzeilen van een beveiligingsmaatregel\n- Uitvoer van willekeurige code (Root/admin)\n- Uitvoer van willekeurige code (Gebruiker)\n- Toegang tot gevoelige gegevens", title: "Interpretaties", }, { category: "description", text: "F5 heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "general", text: "Time-of-check Time-of-use (TOCTOU) Race Condition", title: "CWE-367", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Untrusted Search Path", title: "CWE-426", }, { category: "general", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "Integer Overflow or Wraparound", title: "CWE-190", }, { category: "general", text: "Protection Mechanism Failure", title: "CWE-693", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000138757", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000138932", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000139656", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000139778", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000140578", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000140920", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000140933", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000140947", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000140950", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000141003", }, { category: "external", summary: "Reference - cveprojectv5; nvd", url: "https://my.f5.com/manage/s/article/K000148587", }, ], title: "Kwetsbaarheden verholpen in F5 BIG-IP", tracking: { current_release_date: "2025-02-11T06:51:17.629249Z", id: "NCSC-2025-0041", initial_release_date: "2025-02-07T07:38:11.981975Z", revision_history: [ { date: "2025-02-07T07:38:11.981975Z", number: "0", summary: "Initiele versie", }, { date: "2025-02-11T06:51:17.629249Z", number: "1", summary: "Door een technisch issue is deze advisory eerder verstuurd met een invalide signature, waardoor automatische verwerking mogelijk verstoord is. Deze update verhelpt dat. Er is verder geen inhoudelijke wijziging.", }, ], status: "final", version: "1.0.1", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "big-ip", product: { name: "big-ip", product_id: "CSAFPID-310988", product_identification_helper: { cpe: "cpe:2.3:a:f5:big-ip:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "big-ip_next", product: { name: "big-ip_next", product_id: "CSAFPID-636427", product_identification_helper: { cpe: "cpe:2.3:a:f5:big-ip_next:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "big-ip_next_central_manager", product: { name: "big-ip_next_central_manager", product_id: "CSAFPID-1620063", product_identification_helper: { cpe: "cpe:2.3:a:f5:big-ip_next_central_manager:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "big-ip_next_cnf", product: { name: "big-ip_next_cnf", product_id: "CSAFPID-636429", product_identification_helper: { cpe: "cpe:2.3:a:f5:big-ip_next_cnf:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "big-ip_next_spk", product: { name: "big-ip_next_spk", product_id: "CSAFPID-636428", product_identification_helper: { cpe: "cpe:2.3:a:f5:big-ip_next_spk:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nginx_open_source", product: { name: "nginx_open_source", product_id: "CSAFPID-842689", product_identification_helper: { cpe: "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "nginx_plus", product: { name: "nginx_plus", product_id: "CSAFPID-842688", product_identification_helper: { cpe: "cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "f5", }, ], }, vulnerabilities: [ { cve: "CVE-2014-0064", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, notes: [ { category: "other", text: "Integer Overflow or Wraparound", title: "CWE-190", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2014-0064", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2014/CVE-2014-0064.json", }, ], title: "CVE-2014-0064", }, { cve: "CVE-2014-0065", product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2014-0065", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2014/CVE-2014-0065.json", }, ], title: "CVE-2014-0065", }, { cve: "CVE-2014-0066", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2014-0066", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2014/CVE-2014-0066.json", }, ], title: "CVE-2014-0066", }, { cve: "CVE-2014-0067", product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2014-0067", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2014/CVE-2014-0067.json", }, ], title: "CVE-2014-0067", }, { cve: "CVE-2019-5010", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2019-5010", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2019/CVE-2019-5010.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2019-5010", }, { cve: "CVE-2019-16056", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2019-16056", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2019/CVE-2019-16056.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2019-16056", }, { cve: "CVE-2022-26488", cwe: { id: "CWE-426", name: "Untrusted Search Path", }, notes: [ { category: "other", text: "Untrusted Search Path", title: "CWE-426", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2022-26488", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-26488.json", }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2022-26488", }, { cve: "CVE-2024-36242", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, notes: [ { category: "other", text: "Protection Mechanism Failure", title: "CWE-693", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2024-36242", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36242.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2024-36242", }, { cve: "CVE-2024-38660", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, notes: [ { category: "other", text: "Protection Mechanism Failure", title: "CWE-693", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2024-38660", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38660.json", }, ], scores: [ { cvss_v3: { baseScore: 3.8, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2024-38660", }, { cve: "CVE-2024-56337", cwe: { id: "CWE-367", name: "Time-of-check Time-of-use (TOCTOU) Race Condition", }, notes: [ { category: "other", text: "Time-of-check Time-of-use (TOCTOU) Race Condition", title: "CWE-367", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2024-56337", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2024-56337", }, { cve: "CVE-2025-20029", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", title: "CWE-78", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-20029", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-20029.json", }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-20029", }, { cve: "CVE-2025-20045", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-20045", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-20045.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-20045", }, { cve: "CVE-2025-20058", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-20058", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-20058.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-20058", }, { cve: "CVE-2025-21087", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-21087", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21087.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-21087", }, { cve: "CVE-2025-21091", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-21091", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21091.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-21091", }, { cve: "CVE-2025-22846", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-22846", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-22846.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-22846", }, { cve: "CVE-2025-22891", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Resource after Effective Lifetime", title: "CWE-772", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-22891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-22891.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-22891", }, { cve: "CVE-2025-23239", cwe: { id: "CWE-77", name: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", }, notes: [ { category: "other", text: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", title: "CWE-77", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-23239", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23239.json", }, ], scores: [ { cvss_v3: { baseScore: 8.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-23239", }, { cve: "CVE-2025-23412", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "other", text: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", title: "CWE-120", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-23412", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23412.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-23412", }, { cve: "CVE-2025-23413", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, notes: [ { category: "other", text: "Insertion of Sensitive Information into Log File", title: "CWE-532", }, { category: "general", text: "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-23413", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23413.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-23413", }, { cve: "CVE-2025-23415", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "other", text: "Insufficient Verification of Data Authenticity", title: "CWE-345", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-23415", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23415.json", }, ], scores: [ { cvss_v3: { baseScore: 3.1, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-23415", }, { cve: "CVE-2025-23419", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "other", text: "Improper Authentication", title: "CWE-287", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-23419", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23419.json", }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-23419", }, { cve: "CVE-2025-24312", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-24312", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24312.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-24312", }, { cve: "CVE-2025-24319", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-24319", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24319.json", }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-24319", }, { cve: "CVE-2025-24320", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-24320", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24320.json", }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-24320", }, { cve: "CVE-2025-24326", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-24326", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24326.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-24326", }, { cve: "CVE-2025-24497", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", title: "CVSSV4", }, ], product_status: { known_affected: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, references: [ { category: "self", summary: "CVE-2025-24497", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24497.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-310988", "CSAFPID-636427", "CSAFPID-1620063", "CSAFPID-636429", "CSAFPID-636428", "CSAFPID-842689", "CSAFPID-842688", ], }, ], title: "CVE-2025-24497", }, ], }
var-201403-0512
Vulnerability from variot
The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster. PostgreSQL is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges. BUGTRAQ ID: 65721 CVE(CAN) ID: CVE-2014-0067 PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard. 0 PostgreSQL PostgreSQL 8.x vendor patch: PostgreSQL ---------- At present, the vendor has released an upgrade patch to fix this security problem, please go to the vendor's homepage to download: http://www.postgresql.org. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
OS X Yosemite v10.10.5 and Security Update 2015-006 is now available and addresses the following:
apache Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in Apache 2.4.16, the most serious of which may allow a remote attacker to cause a denial of service. Description: Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These were addressed by updating Apache to version 2.4.16. CVE-ID CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185
apache_mod_php Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution. Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27. CVE-ID CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 CVE-2015-3329 CVE-2015-3330 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148
Apple ID OD Plug-in Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able change the password of a local user Description: In some circumstances, a state management issue existed in password authentication. The issue was addressed through improved state management. CVE-ID CVE-2015-3799 : an anonymous researcher working with HP's Zero Day Initiative
AppleGraphicsControl Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in AppleGraphicsControl which could have led to the disclosure of kernel memory layout. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5768 : JieTao Yang of KeenTeam
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOBluetoothHCIController. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3779 : Teddy Reed of Facebook Security
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to determine kernel memory layout Description: A memory management issue could have led to the disclosure of kernel memory layout. This issue was addressed with improved memory management. CVE-ID CVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze Networks
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious app may be able to access notifications from other iCloud devices Description: An issue existed where a malicious app could access a Bluetooth-paired Mac or iOS device's Notification Center notifications via the Apple Notification Center Service. The issue affected devices using Handoff and logged into the same iCloud account. This issue was resolved by revoking access to the Apple Notification Center Service. CVE-ID CVE-2015-3786 : Xiaolong Bai (Tsinghua University), System Security Lab (Indiana University), Tongxin Li (Peking University), XiaoFeng Wang (Indiana University)
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: An attacker with privileged network position may be able to perform denial of service attack using malformed Bluetooth packets Description: An input validation issue existed in parsing of Bluetooth ACL packets. This issue was addressed through improved input validation. CVE-ID CVE-2015-3787 : Trend Micro
Bluetooth Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple buffer overflow issues existed in blued's handling of XPC messages. These issues were addressed through improved bounds checking. CVE-ID CVE-2015-3777 : mitp0sh of [PDX]
bootp Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed Description: Upon connecting to a Wi-Fi network, iOS may have broadcast MAC addresses of previously accessed networks via the DNAv4 protocol. This issue was addressed through disabling DNAv4 on unencrypted Wi-Fi networks. CVE-ID CVE-2015-3778 : Piers O'Hanlon of Oxford Internet Institute, University of Oxford (on the EPSRC Being There project)
CloudKit Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to access the iCloud user record of a previously signed in user Description: A state inconsistency existed in CloudKit when signing out users. This issue was addressed through improved state handling. CVE-ID CVE-2015-3782 : Deepkanwal Plaha of University of Toronto
CoreMedia Playback Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in CoreMedia Playback. These were addressed through improved memory handling. CVE-ID CVE-2015-5777 : Apple CVE-2015-5778 : Apple
CoreText Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team
curl Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy. Description: Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0. CVE-ID CVE-2014-3613 CVE-2014-3620 CVE-2014-3707 CVE-2014-8150 CVE-2014-8151 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153
Data Detectors Engine Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a sequence of unicode characters can lead to an unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in processing of Unicode characters. These issues were addressed through improved memory handling. CVE-ID CVE-2015-5750 : M1x7e1 of Safeye Team (www.safeye.org)
Date & Time pref pane Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Applications that rely on system time may have unexpected behavior Description: An authorization issue existed when modifying the system date and time preferences. This issue was addressed with additional authorization checks. CVE-ID CVE-2015-3757 : Mark S C Smith
Dictionary Application Available for: OS X Yosemite v10.10 to v10.10.4 Impact: An attacker with a privileged network position may be able to intercept users' Dictionary app queries Description: An issue existed in the Dictionary app, which did not properly secure user communications. This issue was addressed by moving Dictionary queries to HTTPS. CVE-ID CVE-2015-3774 : Jeffrey Paul of EEQJ, Jan Bee of the Google Security Team
DiskImages Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges Description: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team
dyld Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed in dyld. This was addressed through improved environment sanitization. CVE-ID CVE-2015-3760 : beist of grayhash, Stefan Esser
FontParser Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-3804 : Apple CVE-2015-5775 : Apple
FontParser Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5756 : John Villamil (@day6reak), Yahoo Pentest Team
groff Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple issues in pdfroff Description: Multiple issues existed in pdfroff, the most serious of which may allow arbitrary filesystem modification. These issues were addressed by removing pdfroff. CVE-ID CVE-2009-5044 CVE-2009-5078
ImageIO Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the processing of TIFF images. This issue was addressed through improved bounds checking. CVE-ID CVE-2015-5758 : Apple
ImageIO Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Visiting a maliciously crafted website may result in the disclosure of process memory Description: An uninitialized memory access issue existed in ImageIO's handling of PNG and TIFF images. Visiting a malicious website may result in sending data from process memory to the website. This issue is addressed through improved memory initialization and additional validation of PNG and TIFF images. CVE-ID CVE-2015-5781 : Michal Zalewski CVE-2015-5782 : Michal Zalewski
Install Framework Legacy Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with root privileges Description: An issue existed in how Install.framework's 'runner' binary dropped privileges. This issue was addressed through improved privilege management. CVE-ID CVE-2015-5784 : Ian Beer of Google Project Zero
Install Framework Legacy Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A race condition existed in Install.framework's 'runner' binary that resulted in privileges being incorrectly dropped. This issue was addressed through improved object locking. CVE-ID CVE-2015-5754 : Ian Beer of Google Project Zero
IOFireWireFamily Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: Memory corruption issues existed in IOFireWireFamily. These issues were addressed through additional type input validation. CVE-ID CVE-2015-3769 : Ilja van Sprundel CVE-2015-3771 : Ilja van Sprundel CVE-2015-3772 : Ilja van Sprundel
IOGraphics Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in IOGraphics. This issue was addressed through additional type input validation. CVE-ID CVE-2015-3770 : Ilja van Sprundel CVE-2015-5783 : Ilja van Sprundel
IOHIDFamily Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5774 : TaiG Jailbreak Team
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to determine kernel memory layout Description: An issue existed in the mach_port_space_info interface, which could have led to the disclosure of kernel memory layout. This was addressed by disabling the mach_port_space_info interface. CVE-ID CVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team, @PanguTeam
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved validation of IOKit API arguments. CVE-ID CVE-2015-3768 : Ilja van Sprundel
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to cause a system denial of service Description: A resource exhaustion issue existed in the fasttrap driver. This was addressed through improved memory handling. CVE-ID CVE-2015-5747 : Maxime VILLARD of m00nbsd
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to cause a system denial of service Description: A validation issue existed in the mounting of HFS volumes. This was addressed by adding additional checks. CVE-ID CVE-2015-5748 : Maxime VILLARD of m00nbsd
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute unsigned code Description: An issue existed that allowed unsigned code to be appended to signed code in a specially crafted executable file. This issue was addressed through improved code signature validation. CVE-ID CVE-2015-3806 : TaiG Jailbreak Team
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A specially crafted executable file could allow unsigned, malicious code to execute Description: An issue existed in the way multi-architecture executable files were evaluated that could have allowed unsigned code to be executed. This issue was addressed through improved validation of executable files. CVE-ID CVE-2015-3803 : TaiG Jailbreak Team
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute unsigned code Description: A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks. CVE-ID CVE-2015-3802 : TaiG Jailbreak Team CVE-2015-3805 : TaiG Jailbreak Team
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted plist may lead to an unexpected application termination or arbitrary code execution with system privileges Description: A memory corruption existed in processing of malformed plists. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein (@jollyjinx) of Jinx Germany
Kernel Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A path validation issue existed. This was addressed through improved environment sanitization. CVE-ID CVE-2015-3761 : Apple
Libc Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in the TRE library. These were addressed through improved memory handling. CVE-ID CVE-2015-3796 : Ian Beer of Google Project Zero CVE-2015-3797 : Ian Beer of Google Project Zero CVE-2015-3798 : Ian Beer of Google Project Zero
Libinfo Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: Memory corruption issues existed in handling AF_INET6 sockets. These were addressed by improved memory handling. CVE-ID CVE-2015-5776 : Apple
libpthread Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in handling syscalls. This issue was addressed through improved lock state checking. CVE-ID CVE-2015-5757 : Lufeng Li of Qihoo 360
libxml2 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2. CVE-ID CVE-2012-6685 : Felix Groebert of Google CVE-2014-0191 : Felix Groebert of Google
libxml2 Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory access issue existed in libxml2. This was addressed by improved memory handling CVE-ID CVE-2014-3660 : Felix Groebert of Google
libxml2 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: A memory corruption issue existed in parsing of XML files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3807 : Apple
libxpc Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in handling of malformed XPC messages. This issue was improved through improved bounds checking. CVE-ID CVE-2015-3795 : Mathew Rowley
mail_cmds Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary shell commands Description: A validation issue existed in the mailx parsing of email addresses. This was addressed by improved sanitization. CVE-ID CVE-2014-7844
Notification Center OSX Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A malicious application may be able to access all notifications previously displayed to users Description: An issue existed in Notification Center, which did not properly delete user notifications. This issue was addressed by correctly deleting notifications dismissed by users. CVE-ID CVE-2015-3764 : Jonathan Zdziarski
ntfs Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A local user may be able to execute arbitrary code with system privileges Description: A memory corruption issue existed in NTFS. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5763 : Roberto Paleari and Aristide Fattori of Emaze Networks
OpenSSH Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Remote attackers may be able to circumvent a time delay for failed login attempts and conduct brute-force attacks Description: An issue existed when processing keyboard-interactive devices. This issue was addressed through improved authentication request validation. CVE-ID CVE-2015-5600
OpenSSL Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service. Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg. CVE-ID CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792
perl Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted regular expression may lead to disclosure of unexpected application termination or arbitrary code execution Description: An integer underflow issue existed in the way Perl parsed regular expressions. This issue was addressed through improved memory handling. CVE-ID CVE-2013-7422
PostgreSQL Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: An attacker may be able to cause unexpected application termination or gain access to data without proper authentication Description: Multiple issues existed in PostgreSQL 9.2.4. These issues were addressed by updating PostgreSQL to 9.2.13. CVE-ID CVE-2014-0067 CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244
python Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10. CVE-ID CVE-2013-7040 CVE-2013-7338 CVE-2014-1912 CVE-2014-7185 CVE-2014-9365
QL Office Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted Office document may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in parsing of Office documents. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5773 : Apple
QL Office Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted XML file may lead to disclosure of user information Description: An external entity reference issue existed in XML file parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-3784 : Bruno Morisson of INTEGRITY S.A.
Quartz Composer Framework Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in parsing of QuickTime files. This issue was addressed through improved memory handling. CVE-ID CVE-2015-5771 : Apple
Quick Look Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Searching for a previously viewed website may launch the web browser and render that website Description: An issue existed where QuickLook had the capability to execute JavaScript. The issue was addressed by disallowing execution of JavaScript. CVE-ID CVE-2015-3781 : Andrew Pouliot of Facebook, Anto Loyola of Qubole
QuickTime 7 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3772 CVE-2015-3779 CVE-2015-5753 : Apple CVE-2015-5779 : Apple
QuickTime 7 Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling. CVE-ID CVE-2015-3765 : Joe Burnett of Audio Poison CVE-2015-3788 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3789 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3790 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3791 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-3792 : Ryan Pentney and Richard Johnson of Cisco Talos CVE-2015-5751 : WalkerFuz
SceneKit Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Viewing a maliciously crafted Collada file may lead to arbitrary code execution Description: A heap buffer overflow existed in SceneKit's handling of Collada files. This issue was addressed through improved input validation. CVE-ID CVE-2015-5772 : Apple
SceneKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in SceneKit. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3783 : Haris Andrianakis of Google Security Team
Security Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A standard user may be able to gain access to admin privileges without proper authentication Description: An issue existed in handling of user authentication. This issue was addressed through improved authentication checks. CVE-ID CVE-2015-3775 : [Eldon Ahrold]
SMBClient Available for: OS X Yosemite v10.10 to v10.10.4 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the SMB client. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3773 : Ilja van Sprundel
Speech UI Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted unicode string with speech alerts enabled may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in handling of Unicode strings. This issue was addressed by improved memory handling. CVE-ID CVE-2015-3794 : Adam Greenbaum of Refinitive
sudo Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary files Description: Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9. CVE-ID CVE-2013-1775 CVE-2013-1776 CVE-2013-2776 CVE-2013-2777 CVE-2014-0106 CVE-2014-9680
tcpdump Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Multiple vulnerabilities existed in tcpdump 4.7.3, the most serious of which may allow a remote attacker to cause a denial of service. Description: Multiple vulnerabilities existed in tcpdump versions prior to 4.7.3. These were addressed by updating tcpdump to version 4.7.3. CVE-ID CVE-2014-8767 CVE-2014-8769 CVE-2014-9140
Text Formats Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Parsing a maliciously crafted text file may lead to disclosure of user information Description: An XML external entity reference issue existed with TextEdit parsing. This issue was addressed through improved parsing. CVE-ID CVE-2015-3762 : Xiaoyong Wu of the Evernote Security Team
udf Available for: OS X Yosemite v10.10 to v10.10.4 Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges Description: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling. CVE-ID CVE-2015-3767 : beist of grayhash
OS X Yosemite v10.10.5 includes the security content of Safari 8.0.8: https://support.apple.com/en-us/HT205033
OS X Yosemite 10.10.5 and Security Update 2015-006 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJVzM3+AAoJEBcWfLTuOo7tx/YP/RTsUUx0UTk7rXj6AEcHmiR4 Y2xTUOXqRmxhieSbsGK9laKL5++lIzkGh5RC7oYag0+OgWtZz+EU/EtdoEJmGNJ6 +PgoEnizYdKhO1kos1KCHOwG6UFCqoeEm6Icm33nVUqWp7uAmhVRMRxtMJEScLSR 2LpsK0grIhFXtJGqu053TSKSCa1UTab8XWteZTT84uFGMSKbAFONj5CPIrR6+uev QpVTwrnskPDBOXJwGhjypvIBTbt2aa1wjCukOAWFHwf7Pma/QUdhKRkUK4vAb9/k fu2t2fBOvSMguJHRO+340NsQR9LvmdruBeAyNUH64srF1jtbAg0QnvZsPyO5aIyR A8WrzHl3oIc0II0y7VpI+3o0J3Nn03EcBPtIKeoeyznnjNziDm72HPI2d2+5ZSRz xjAd4Nmw+dgGq+UMkusIXgtRK4HcEpwzfImf3zqnKHakSncnFPhGKyNEgn8bK9a7 AeAvSqMXXsJg8weHUF2NLnAn/42k2wIE8d5BOLaIy13xz6MJn7VUI21pK0zCaGBF sfkRFZP0eEVh8ZzU/nWp9E5KDpbsd72biJwvjWH4OrmkfzUWxStQiVwPTxtZD9LW c5ZWe+vqZJV9eYRH2hAOMPaYkOQ5Z4DySNVVOFAG0eq9til8+V0k3L7ipIVd2XUB msu6gVP8uZhFYNb8byVJ =+0e/ -----END PGP SIGNATURE----- .
For the unstable distribution (sid), these problems have been fixed in version 9.3.3-1 of the postgresql-9.3 package. CVE-ID CVE-2015-5911 : Zachary Jones of WhiteHat Security Threat Research Center
OS X Server 5.0.3 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2015:110 http://www.mandriva.com/en/support/security/
Package : postgresql Date : March 29, 2015 Affected: Business Server 2.0
Problem Description:
Updated postgresql packages fix multiple security vulnerabilities:
Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. The security impact is mostly that a role member can revoke the access of others, contrary to the wishes of his grantor. Unapproved role member additions are a lesser concern, since an uncooperative role member could provide most of his rights to others anyway by creating views or SECURITY DEFINER functions (CVE-2014-0060).
The primary role of PL validator functions is to be called implicitly during CREATE FUNCTION, but they are also normal SQL functions that a user can call explicitly. Calling a validator on a function actually written in some other language was not checked for and could be exploited for privilege-escalation purposes. The fix involves adding a call to a privilege-checking function in each validator function. Non-core procedural languages will also need to make this change to their own validator functions, if any (CVE-2014-0061).
If the name lookups come to different conclusions due to concurrent activity, we might perform some parts of the DDL on a different table than other parts. At least in the case of CREATE INDEX, this can be used to cause the permissions checks to be performed against a different table than the index creation, allowing for a privilege escalation attack (CVE-2014-0062).
The MAXDATELEN constant was too small for the longest possible value of type interval, allowing a buffer overrun in interval_out(). Although the datetime input functions were more careful about avoiding buffer overrun, the limit was short enough to cause them to reject some valid inputs, such as input containing a very long timezone name. The ecpg library contained these vulnerabilities along with some of its own (CVE-2014-0063).
Several functions, mostly type input functions, calculated an allocation size without checking for overflow. If overflow did occur, a too-small buffer would be allocated and then written past (CVE-2014-0064).
Use strlcpy() and related functions to provide a clear guarantee that fixed-size buffers are not overrun. Unlike the preceding items, it is unclear whether these cases really represent live issues, since in most cases there appear to be previous constraints on the size of the input string. Nonetheless it seems prudent to silence all Coverity warnings of this type (CVE-2014-0065).
There are relatively few scenarios in which crypt() could return NULL, but contrib/chkpass would crash if it did. One practical case in which this could be an issue is if libc is configured to refuse to execute unapproved hashing algorithms (e.g., FIPS mode) (CVE-2014-0066).
Since the temporary server started by make check uses trust authentication, another user on the same machine could connect to it as database superuser, and then potentially exploit the privileges of the operating-system user who started the tests. A future release will probably incorporate changes in the testing procedure to prevent this risk, but some public discussion is needed first. So for the moment, just warn people against using make check when there are untrusted users on the same machine (CVE-2014-0067).
A user with limited clearance on a table might have access to information in columns without SELECT rights on through server error messages (CVE-2014-8161).
The function to_char() might read/write past the end of a buffer. This might crash the server when a formatting template is processed (CVE-2015-0241).
The pgcrypto module is vulnerable to stack buffer overrun that might crash the server (CVE-2015-0243).
Emil Lenngren reported that an attacker can inject SQL commands when the synchronization between client and server is lost (CVE-2015-0244).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8161 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0242 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0243 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0244 http://advisories.mageia.org/MGASA-2014-0205.html http://advisories.mageia.org/MGASA-2015-0069.html
Updated Packages:
Mandriva Business Server 2/X86_64: f99a635c6f82735fbc2b95e152f09efb mbs2/x86_64/lib64ecpg9.2_6-9.2.10-1.mbs2.x86_64.rpm d57166faca3e9d1b932cdd43c04b4d3a mbs2/x86_64/lib64ecpg9.3_6-9.3.6-1.mbs2.x86_64.rpm 6e4f38d6fb5b9bb91e9f2eab3e567e1f mbs2/x86_64/lib64pq9.2_5.5-9.2.10-1.mbs2.x86_64.rpm 6671c3cf6916cf829c3e3bc0332190a7 mbs2/x86_64/lib64pq9.3_5-9.3.6-1.mbs2.x86_64.rpm eda79e884356acdd4bc3776eb9f082d7 mbs2/x86_64/postgresql9.2-9.2.10-1.mbs2.x86_64.rpm 78ed2566f404f6af31337690f52851ca mbs2/x86_64/postgresql9.2-contrib-9.2.10-1.mbs2.x86_64.rpm 153a4a063504fa1fa1842b127712bfe0 mbs2/x86_64/postgresql9.2-devel-9.2.10-1.mbs2.x86_64.rpm 9bfdccf6a88c6b13496c7da4de2bca34 mbs2/x86_64/postgresql9.2-docs-9.2.10-1.mbs2.noarch.rpm 6b76f8d61fd457f92d90b1959fb1dea3 mbs2/x86_64/postgresql9.2-pl-9.2.10-1.mbs2.x86_64.rpm 8526ab569ed5362fc7a92fa23dca98b6 mbs2/x86_64/postgresql9.2-plperl-9.2.10-1.mbs2.x86_64.rpm 412cb6f09cb609fcbb09d3259f534dfc mbs2/x86_64/postgresql9.2-plpgsql-9.2.10-1.mbs2.x86_64.rpm c95ce4440833dfc828c9ee8eecbcea17 mbs2/x86_64/postgresql9.2-plpython-9.2.10-1.mbs2.x86_64.rpm 50b9c0b0197667b390ba47ccd00770d4 mbs2/x86_64/postgresql9.2-pltcl-9.2.10-1.mbs2.x86_64.rpm c019e6c9930eafc094f287ee7461aaaa mbs2/x86_64/postgresql9.2-server-9.2.10-1.mbs2.x86_64.rpm d2a51e59c752f3ddb3ea6c77f7502433 mbs2/x86_64/postgresql9.3-9.3.6-1.mbs2.x86_64.rpm 60e543ac5e51171e6669e68b0a5a2eb3 mbs2/x86_64/postgresql9.3-contrib-9.3.6-1.mbs2.x86_64.rpm 483126b5d66cd0f375ec9732677b2808 mbs2/x86_64/postgresql9.3-devel-9.3.6-1.mbs2.x86_64.rpm 0b361bfcbc87273de585f3f9c4c6a618 mbs2/x86_64/postgresql9.3-docs-9.3.6-1.mbs2.noarch.rpm 357b9a02ee0271876013e2db04025721 mbs2/x86_64/postgresql9.3-pl-9.3.6-1.mbs2.x86_64.rpm 7bd4f962c795ee04836f1e162c1e6b7e mbs2/x86_64/postgresql9.3-plperl-9.3.6-1.mbs2.x86_64.rpm 66e4b7668e00e0d16d6570ea7f1651fa mbs2/x86_64/postgresql9.3-plpgsql-9.3.6-1.mbs2.x86_64.rpm 13e4930b5a0dbe06a5b886a83401470a mbs2/x86_64/postgresql9.3-plpython-9.3.6-1.mbs2.x86_64.rpm 32e568d9ba610c58e6587b04d4cdb6ab mbs2/x86_64/postgresql9.3-pltcl-9.3.6-1.mbs2.x86_64.rpm 0b8899321e95fd17fc6aa954fb450a0d mbs2/x86_64/postgresql9.3-server-9.3.6-1.mbs2.x86_64.rpm f5856e921124345cf4dbadd41bfaab9d mbs2/SRPMS/postgresql9.2-9.2.10-1.mbs2.src.rpm ca1994bd36f7310b82ec57914dd8496d mbs2/SRPMS/postgresql9.3-9.3.6-1.mbs2.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201403-0512", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "postgresql", scope: "eq", trust: 1.9, vendor: "postgresql", version: "9.3", }, { model: "postgresql", scope: "eq", trust: 1.9, vendor: "postgresql", version: "9.2", }, { model: "postgresql", scope: "eq", trust: 1.6, vendor: "postgresql", version: "9.3.1", }, { model: "postgresql", scope: "eq", trust: 1.6, vendor: "postgresql", version: "9.2.4", }, { model: "postgresql", scope: "eq", trust: 1.6, vendor: "postgresql", version: "9.2.3", }, { model: "postgresql", scope: "eq", trust: 1.6, vendor: "postgresql", version: "9.2.2", }, { model: "postgresql", scope: "eq", trust: 1.6, vendor: "postgresql", version: "9.3.2", }, { model: "postgresql", scope: "eq", trust: 1.6, vendor: "postgresql", version: "9.2.1", }, { model: "postgresql", scope: "eq", trust: 1.6, vendor: "postgresql", version: "9.2.5", }, { model: "postgresql", scope: "eq", trust: 1.6, vendor: "postgresql", version: "9.2.6", }, { model: "postgresql", scope: "eq", trust: 1.3, vendor: "postgresql", version: "9.0", }, { model: "postgresql", scope: "eq", trust: 1.3, vendor: "postgresql", version: "9.1", }, { model: "mac os x", scope: "eq", trust: 1, vendor: "apple", version: "10.10.4", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.2", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.6", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.8", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.1", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.14", }, { model: "mac os x server", scope: "eq", trust: 1, vendor: "apple", version: "5.0.3", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.5", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.10", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.5", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.4", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.7", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.5", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.15", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.9", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.7", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.8", }, { model: "postgresql", scope: "lte", trust: 1, vendor: "postgresql", version: "8.4.19", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.9", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.11", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.12", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.6", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.13", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.9", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.11", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.17", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.2", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.15", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.2", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.6", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.3", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.8", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.13", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.4", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.1", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.11", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.10", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.1", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.12", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.18", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.3", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.4", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.14", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "8.4.16", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.1.10", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.7", }, { model: "postgresql", scope: "eq", trust: 1, vendor: "postgresql", version: "9.0.3", }, { model: "postgresql", scope: "lte", trust: 0.8, vendor: "postgresql", version: "9.3.3", }, { model: "mac os x", scope: "eq", trust: 0.8, vendor: "apple", version: "10.10 to 10.10.4", }, { model: "mac os x", scope: "eq", trust: 0.8, vendor: "apple", version: "10.8.5", }, { model: "mac os x", scope: "eq", trust: 0.8, vendor: "apple", version: "10.9.5", }, { model: "macos server", scope: "lt", trust: 0.8, vendor: "apple", version: "5.0.3 (os x yosemite v10.10.5 or later )", }, { model: "opensuse", scope: "eq", trust: 0.3, vendor: "s u s e", version: "11.4", }, { model: "postgresql", scope: "eq", trust: 0.3, vendor: "postgresql", version: "8.4", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1x8664", }, { model: "business server", scope: "eq", trust: 0.3, vendor: "mandriva", version: "1", }, { model: "security threat response manager", scope: "eq", trust: 0.3, vendor: "juniper", version: "2012.1", }, { model: "tivoli business service manager", scope: "eq", trust: 0.3, vendor: "ibm", version: "4.2.1", }, { model: "tivoli business service manager", scope: "eq", trust: 0.3, vendor: "ibm", version: "4.2", }, { model: "qradar security information and event manager mr5", scope: "eq", trust: 0.3, vendor: "ibm", version: "7.0", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "debian", version: "6.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x4.1.5", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x3.2.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x3.2.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x3.1.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x4.1", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x4.0", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x3.2", }, { model: "mac os server", scope: "eq", trust: 0.3, vendor: "apple", version: "x3.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.9.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.8.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.4", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.3", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.2", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10", }, { model: "security threat response manager 2012.1r8", scope: "ne", trust: 0.3, vendor: "juniper", version: null, }, { model: "mac os server", scope: "ne", trust: 0.3, vendor: "apple", version: "x5.0.3", }, { model: "mac os", scope: "ne", trust: 0.3, vendor: "apple", version: "x10.10.5", }, ], sources: [ { db: "BID", id: "65721", }, { db: "JVNDB", id: "JVNDB-2014-001850", }, { db: "CNNVD", id: "CNNVD-201403-587", }, { db: "NVD", id: "CVE-2014-0067", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:postgresql:postgresql", vulnerable: true, }, { cpe22Uri: "cpe:/o:apple:mac_os_x", vulnerable: true, }, { cpe22Uri: "cpe:/o:apple:os_x_server", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2014-001850", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Noah Misch", sources: [ { db: "BID", id: "65721", }, ], trust: 0.3, }, cve: "CVE-2014-0067", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "CVE-2014-0067", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "VHN-67560", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "nvd@nist.gov", id: "CVE-2014-0067", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2014-0067", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-201403-587", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-67560", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2014-0067", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-67560", }, { db: "VULMON", id: "CVE-2014-0067", }, { db: "JVNDB", id: "JVNDB-2014-001850", }, { db: "CNNVD", id: "CNNVD-201403-587", }, { db: "NVD", id: "CVE-2014-0067", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The \"make check\" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster. PostgreSQL is prone to a local privilege-escalation vulnerability. \nLocal attackers can exploit this issue to gain elevated privileges. BUGTRAQ ID: 65721 CVE(CAN) ID: CVE-2014-0067 PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard. 0 PostgreSQL PostgreSQL 8.x vendor patch: PostgreSQL ---------- At present, the vendor has released an upgrade patch to fix this security problem, please go to the vendor's homepage to download: http://www.postgresql.org. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update\n2015-006\n\nOS X Yosemite v10.10.5 and Security Update 2015-006 is now available\nand addresses the following:\n\napache\nAvailable for: OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in Apache 2.4.16, the most\nserious of which may allow a remote attacker to cause a denial of\nservice. \nDescription: Multiple vulnerabilities existed in Apache versions\nprior to 2.4.16. These were addressed by updating Apache to version\n2.4.16. \nCVE-ID\nCVE-2014-3581\nCVE-2014-3583\nCVE-2014-8109\nCVE-2015-0228\nCVE-2015-0253\nCVE-2015-3183\nCVE-2015-3185\n\napache_mod_php\nAvailable for: OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in PHP 5.5.20, the most\nserious of which may lead to arbitrary code execution. \nDescription: Multiple vulnerabilities existed in PHP versions prior\nto 5.5.20. These were addressed by updating Apache to version 5.5.27. \nCVE-ID\nCVE-2015-2783\nCVE-2015-2787\nCVE-2015-3307\nCVE-2015-3329\nCVE-2015-3330\nCVE-2015-4021\nCVE-2015-4022\nCVE-2015-4024\nCVE-2015-4025\nCVE-2015-4026\nCVE-2015-4147\nCVE-2015-4148\n\nApple ID OD Plug-in\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able change the password of a\nlocal user\nDescription: In some circumstances, a state management issue existed\nin password authentication. The issue was addressed through improved\nstate management. \nCVE-ID\nCVE-2015-3799 : an anonymous researcher working with HP's Zero Day\nInitiative\n\nAppleGraphicsControl\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in AppleGraphicsControl which could\nhave led to the disclosure of kernel memory layout. This issue was\naddressed through improved bounds checking. \nCVE-ID\nCVE-2015-5768 : JieTao Yang of KeenTeam\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in\nIOBluetoothHCIController. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3779 : Teddy Reed of Facebook Security\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: A memory management issue could have led to the\ndisclosure of kernel memory layout. This issue was addressed with\nimproved memory management. \nCVE-ID\nCVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious app may be able to access notifications from\nother iCloud devices\nDescription: An issue existed where a malicious app could access a\nBluetooth-paired Mac or iOS device's Notification Center\nnotifications via the Apple Notification Center Service. The issue\naffected devices using Handoff and logged into the same iCloud\naccount. This issue was resolved by revoking access to the Apple\nNotification Center Service. \nCVE-ID\nCVE-2015-3786 : Xiaolong Bai (Tsinghua University), System Security\nLab (Indiana University), Tongxin Li (Peking University), XiaoFeng\nWang (Indiana University)\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: An attacker with privileged network position may be able to\nperform denial of service attack using malformed Bluetooth packets\nDescription: An input validation issue existed in parsing of\nBluetooth ACL packets. This issue was addressed through improved\ninput validation. \nCVE-ID\nCVE-2015-3787 : Trend Micro\n\nBluetooth\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple buffer overflow issues existed in blued's\nhandling of XPC messages. These issues were addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2015-3777 : mitp0sh of [PDX]\n\nbootp\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious Wi-Fi network may be able to determine networks\na device has previously accessed\nDescription: Upon connecting to a Wi-Fi network, iOS may have\nbroadcast MAC addresses of previously accessed networks via the DNAv4\nprotocol. This issue was addressed through disabling DNAv4 on\nunencrypted Wi-Fi networks. \nCVE-ID\nCVE-2015-3778 : Piers O'Hanlon of Oxford Internet Institute,\nUniversity of Oxford (on the EPSRC Being There project)\n\nCloudKit\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to access the iCloud\nuser record of a previously signed in user\nDescription: A state inconsistency existed in CloudKit when signing\nout users. This issue was addressed through improved state handling. \nCVE-ID\nCVE-2015-3782 : Deepkanwal Plaha of University of Toronto\n\nCoreMedia Playback\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Memory corruption issues existed in CoreMedia Playback. \nThese were addressed through improved memory handling. \nCVE-ID\nCVE-2015-5777 : Apple\nCVE-2015-5778 : Apple\n\nCoreText\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team\n\nCoreText\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team\n\ncurl\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities in cURL and libcurl prior to\n7.38.0, one of which may allow remote attackers to bypass the Same\nOrigin Policy. \nDescription: Multiple vulnerabilities existed in cURL and libcurl\nprior to 7.38.0. These issues were addressed by updating cURL to\nversion 7.43.0. \nCVE-ID\nCVE-2014-3613\nCVE-2014-3620\nCVE-2014-3707\nCVE-2014-8150\nCVE-2014-8151\nCVE-2015-3143\nCVE-2015-3144\nCVE-2015-3145\nCVE-2015-3148\nCVE-2015-3153\n\nData Detectors Engine\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a sequence of unicode characters can lead to an\nunexpected application termination or arbitrary code execution\nDescription: Memory corruption issues existed in processing of\nUnicode characters. These issues were addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-5750 : M1x7e1 of Safeye Team (www.safeye.org)\n\nDate & Time pref pane\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Applications that rely on system time may have unexpected\nbehavior\nDescription: An authorization issue existed when modifying the\nsystem date and time preferences. This issue was addressed with\nadditional authorization checks. \nCVE-ID\nCVE-2015-3757 : Mark S C Smith\n\nDictionary Application\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: An attacker with a privileged network position may be able\nto intercept users' Dictionary app queries\nDescription: An issue existed in the Dictionary app, which did not\nproperly secure user communications. This issue was addressed by\nmoving Dictionary queries to HTTPS. \nCVE-ID\nCVE-2015-3774 : Jeffrey Paul of EEQJ, Jan Bee of the Google Security\nTeam\n\nDiskImages\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted DMG file may lead to an\nunexpected application termination or arbitrary code execution with\nsystem privileges\nDescription: A memory corruption issue existed in parsing of\nmalformed DMG images. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team\n\ndyld\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A path validation issue existed in dyld. This was\naddressed through improved environment sanitization. \nCVE-ID\nCVE-2015-3760 : beist of grayhash, Stefan Esser\n\nFontParser\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-3804 : Apple\nCVE-2015-5775 : Apple\n\nFontParser\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted font file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nfont files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5756 : John Villamil (@day6reak), Yahoo Pentest Team\n\ngroff\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Multiple issues in pdfroff\nDescription: Multiple issues existed in pdfroff, the most serious of\nwhich may allow arbitrary filesystem modification. These issues were\naddressed by removing pdfroff. \nCVE-ID\nCVE-2009-5044\nCVE-2009-5078\n\nImageIO\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nTIFF images. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2015-5758 : Apple\n\nImageIO\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Visiting a maliciously crafted website may result in the\ndisclosure of process memory\nDescription: An uninitialized memory access issue existed in\nImageIO's handling of PNG and TIFF images. Visiting a malicious\nwebsite may result in sending data from process memory to the\nwebsite. This issue is addressed through improved memory\ninitialization and additional validation of PNG and TIFF images. \nCVE-ID\nCVE-2015-5781 : Michal Zalewski\nCVE-2015-5782 : Michal Zalewski\n\nInstall Framework Legacy\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with root privileges\nDescription: An issue existed in how Install.framework's 'runner'\nbinary dropped privileges. This issue was addressed through improved\nprivilege management. \nCVE-ID\nCVE-2015-5784 : Ian Beer of Google Project Zero\n\nInstall Framework Legacy\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A race condition existed in\nInstall.framework's 'runner' binary that resulted in\nprivileges being incorrectly dropped. This issue was addressed\nthrough improved object locking. \nCVE-ID\nCVE-2015-5754 : Ian Beer of Google Project Zero\n\nIOFireWireFamily\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: Memory corruption issues existed in IOFireWireFamily. \nThese issues were addressed through additional type input validation. \nCVE-ID\nCVE-2015-3769 : Ilja van Sprundel\nCVE-2015-3771 : Ilja van Sprundel\nCVE-2015-3772 : Ilja van Sprundel\n\nIOGraphics\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in IOGraphics. This\nissue was addressed through additional type input validation. \nCVE-ID\nCVE-2015-3770 : Ilja van Sprundel\nCVE-2015-5783 : Ilja van Sprundel\n\nIOHIDFamily\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A buffer overflow issue existed in IOHIDFamily. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5774 : TaiG Jailbreak Team\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: An issue existed in the mach_port_space_info interface,\nwhich could have led to the disclosure of kernel memory layout. This\nwas addressed by disabling the mach_port_space_info interface. \nCVE-ID\nCVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team,\n@PanguTeam\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: An integer overflow existed in the handling of IOKit\nfunctions. This issue was addressed through improved validation of\nIOKit API arguments. \nCVE-ID\nCVE-2015-3768 : Ilja van Sprundel\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to cause a system denial of service\nDescription: A resource exhaustion issue existed in the fasttrap\ndriver. This was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5747 : Maxime VILLARD of m00nbsd\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to cause a system denial of service\nDescription: A validation issue existed in the mounting of HFS\nvolumes. This was addressed by adding additional checks. \nCVE-ID\nCVE-2015-5748 : Maxime VILLARD of m00nbsd\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute unsigned code\nDescription: An issue existed that allowed unsigned code to be\nappended to signed code in a specially crafted executable file. This\nissue was addressed through improved code signature validation. \nCVE-ID\nCVE-2015-3806 : TaiG Jailbreak Team\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A specially crafted executable file could allow unsigned,\nmalicious code to execute\nDescription: An issue existed in the way multi-architecture\nexecutable files were evaluated that could have allowed unsigned code\nto be executed. This issue was addressed through improved validation\nof executable files. \nCVE-ID\nCVE-2015-3803 : TaiG Jailbreak Team\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute unsigned code\nDescription: A validation issue existed in the handling of Mach-O\nfiles. This was addressed by adding additional checks. \nCVE-ID\nCVE-2015-3802 : TaiG Jailbreak Team\nCVE-2015-3805 : TaiG Jailbreak Team\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted plist may lead to an\nunexpected application termination or arbitrary code execution with\nsystem privileges\nDescription: A memory corruption existed in processing of malformed\nplists. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein\n(@jollyjinx) of Jinx Germany\n\nKernel\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A path validation issue existed. This was addressed\nthrough improved environment sanitization. \nCVE-ID\nCVE-2015-3761 : Apple\n\nLibc\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted regular expression may lead\nto an unexpected application termination or arbitrary code execution\nDescription: Memory corruption issues existed in the TRE library. \nThese were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3796 : Ian Beer of Google Project Zero\nCVE-2015-3797 : Ian Beer of Google Project Zero\nCVE-2015-3798 : Ian Beer of Google Project Zero\n\nLibinfo\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription: Memory corruption issues existed in handling AF_INET6\nsockets. These were addressed by improved memory handling. \nCVE-ID\nCVE-2015-5776 : Apple\n\nlibpthread\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in handling syscalls. \nThis issue was addressed through improved lock state checking. \nCVE-ID\nCVE-2015-5757 : Lufeng Li of Qihoo 360\n\nlibxml2\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in libxml2 versions prior\nto 2.9.2, the most serious of which may allow a remote attacker to\ncause a denial of service\nDescription: Multiple vulnerabilities existed in libxml2 versions\nprior to 2.9.2. These were addressed by updating libxml2 to version\n2.9.2. \nCVE-ID\nCVE-2012-6685 : Felix Groebert of Google\nCVE-2014-0191 : Felix Groebert of Google\n\nlibxml2\nAvailable for: OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: A memory access issue existed in libxml2. This was\naddressed by improved memory handling\nCVE-ID\nCVE-2014-3660 : Felix Groebert of Google\n\nlibxml2\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted XML document may lead to\ndisclosure of user information\nDescription: A memory corruption issue existed in parsing of XML\nfiles. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3807 : Apple\n\nlibxpc\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to execute arbitrary\ncode with system privileges\nDescription: A memory corruption issue existed in handling of\nmalformed XPC messages. This issue was improved through improved\nbounds checking. \nCVE-ID\nCVE-2015-3795 : Mathew Rowley\n\nmail_cmds\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary shell commands\nDescription: A validation issue existed in the mailx parsing of\nemail addresses. This was addressed by improved sanitization. \nCVE-ID\nCVE-2014-7844\n\nNotification Center OSX\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A malicious application may be able to access all\nnotifications previously displayed to users\nDescription: An issue existed in Notification Center, which did not\nproperly delete user notifications. This issue was addressed by\ncorrectly deleting notifications dismissed by users. \nCVE-ID\nCVE-2015-3764 : Jonathan Zdziarski\n\nntfs\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A local user may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue existed in NTFS. This issue\nwas addressed through improved memory handling. \nCVE-ID\nCVE-2015-5763 : Roberto Paleari and Aristide Fattori of Emaze\nNetworks\n\nOpenSSH\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Remote attackers may be able to circumvent a time delay for\nfailed login attempts and conduct brute-force attacks\nDescription: An issue existed when processing keyboard-interactive\ndevices. This issue was addressed through improved authentication\nrequest validation. \nCVE-ID\nCVE-2015-5600\n\nOpenSSL\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in OpenSSL versions prior\nto 0.9.8zg, the most serious of which may allow a remote attacker to\ncause a denial of service. \nDescription: Multiple vulnerabilities existed in OpenSSL versions\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\n0.9.8zg. \nCVE-ID\nCVE-2015-1788\nCVE-2015-1789\nCVE-2015-1790\nCVE-2015-1791\nCVE-2015-1792\n\nperl\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted regular expression may lead to\ndisclosure of unexpected application termination or arbitrary code\nexecution\nDescription: An integer underflow issue existed in the way Perl\nparsed regular expressions. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2013-7422\n\nPostgreSQL\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: An attacker may be able to cause unexpected application\ntermination or gain access to data without proper authentication\nDescription: Multiple issues existed in PostgreSQL 9.2.4. These\nissues were addressed by updating PostgreSQL to 9.2.13. \nCVE-ID\nCVE-2014-0067\nCVE-2014-8161\nCVE-2015-0241\nCVE-2015-0242\nCVE-2015-0243\nCVE-2015-0244\n\npython\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in Python 2.7.6, the most\nserious of which may lead to arbitrary code execution\nDescription: Multiple vulnerabilities existed in Python versions\nprior to 2.7.6. These were addressed by updating Python to version\n2.7.10. \nCVE-ID\nCVE-2013-7040\nCVE-2013-7338\nCVE-2014-1912\nCVE-2014-7185\nCVE-2014-9365\n\nQL Office\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted Office document may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in parsing of Office\ndocuments. This issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-5773 : Apple\n\nQL Office\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted XML file may lead to\ndisclosure of user information\nDescription: An external entity reference issue existed in XML file\nparsing. This issue was addressed through improved parsing. \nCVE-ID\nCVE-2015-3784 : Bruno Morisson of INTEGRITY S.A. \n\nQuartz Composer Framework\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted QuickTime file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in parsing of\nQuickTime files. This issue was addressed through improved memory\nhandling. \nCVE-ID\nCVE-2015-5771 : Apple\n\nQuick Look\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Searching for a previously viewed website may launch the web\nbrowser and render that website\nDescription: An issue existed where QuickLook had the capability to\nexecute JavaScript. The issue was addressed by disallowing execution\nof JavaScript. \nCVE-ID\nCVE-2015-3781 : Andrew Pouliot of Facebook, Anto Loyola of Qubole\n\nQuickTime 7\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in QuickTime. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3772\nCVE-2015-3779\nCVE-2015-5753 : Apple\nCVE-2015-5779 : Apple\n\nQuickTime 7\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in QuickTime. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2015-3765 : Joe Burnett of Audio Poison\nCVE-2015-3788 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3789 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3790 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3791 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-3792 : Ryan Pentney and Richard Johnson of Cisco Talos\nCVE-2015-5751 : WalkerFuz\n\nSceneKit\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Viewing a maliciously crafted Collada file may lead to\narbitrary code execution\nDescription: A heap buffer overflow existed in SceneKit's handling\nof Collada files. This issue was addressed through improved input\nvalidation. \nCVE-ID\nCVE-2015-5772 : Apple\n\nSceneKit\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\nOS X Yosemite v10.10 to v10.10.4\nImpact: A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription: A memory corruption issue existed in SceneKit. This\nissue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3783 : Haris Andrianakis of Google Security Team\n\nSecurity\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A standard user may be able to gain access to admin\nprivileges without proper authentication\nDescription: An issue existed in handling of user authentication. \nThis issue was addressed through improved authentication checks. \nCVE-ID\nCVE-2015-3775 : [Eldon Ahrold]\n\nSMBClient\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: A remote attacker may be able to cause unexpected\napplication termination or arbitrary code execution\nDescription: A memory corruption issue existed in the SMB client. \nThis issue was addressed through improved memory handling. \nCVE-ID\nCVE-2015-3773 : Ilja van Sprundel\n\nSpeech UI\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted unicode string with speech\nalerts enabled may lead to an unexpected application termination or\narbitrary code execution\nDescription: A memory corruption issue existed in handling of\nUnicode strings. This issue was addressed by improved memory\nhandling. \nCVE-ID\nCVE-2015-3794 : Adam Greenbaum of Refinitive\n\nsudo\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in sudo versions prior to\n1.7.10p9, the most serious of which may allow an attacker access to\narbitrary files\nDescription: Multiple vulnerabilities existed in sudo versions prior\nto 1.7.10p9. These were addressed by updating sudo to version\n1.7.10p9. \nCVE-ID\nCVE-2013-1775\nCVE-2013-1776\nCVE-2013-2776\nCVE-2013-2777\nCVE-2014-0106\nCVE-2014-9680\n\ntcpdump\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Multiple vulnerabilities existed in tcpdump 4.7.3, the most\nserious of which may allow a remote attacker to cause a denial of\nservice. \nDescription: Multiple vulnerabilities existed in tcpdump versions\nprior to 4.7.3. These were addressed by updating tcpdump to version\n4.7.3. \nCVE-ID\nCVE-2014-8767\nCVE-2014-8769\nCVE-2014-9140\n\nText Formats\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Parsing a maliciously crafted text file may lead to\ndisclosure of user information\nDescription: An XML external entity reference issue existed with\nTextEdit parsing. This issue was addressed through improved parsing. \nCVE-ID\nCVE-2015-3762 : Xiaoyong Wu of the Evernote Security Team\n\nudf\nAvailable for: OS X Yosemite v10.10 to v10.10.4\nImpact: Processing a maliciously crafted DMG file may lead to an\nunexpected application termination or arbitrary code execution with\nsystem privileges\nDescription: A memory corruption issue existed in parsing of\nmalformed DMG images. This issue was addressed through improved\nmemory handling. \nCVE-ID\nCVE-2015-3767 : beist of grayhash\n\nOS X Yosemite v10.10.5 includes the security content of Safari 8.0.8:\nhttps://support.apple.com/en-us/HT205033\n\nOS X Yosemite 10.10.5 and Security Update 2015-006 may be obtained\nfrom the Mac App Store or Apple's Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n\n\n-----BEGIN PGP SIGNATURE-----\n\niQIcBAEBCAAGBQJVzM3+AAoJEBcWfLTuOo7tx/YP/RTsUUx0UTk7rXj6AEcHmiR4\nY2xTUOXqRmxhieSbsGK9laKL5++lIzkGh5RC7oYag0+OgWtZz+EU/EtdoEJmGNJ6\n+PgoEnizYdKhO1kos1KCHOwG6UFCqoeEm6Icm33nVUqWp7uAmhVRMRxtMJEScLSR\n2LpsK0grIhFXtJGqu053TSKSCa1UTab8XWteZTT84uFGMSKbAFONj5CPIrR6+uev\nQpVTwrnskPDBOXJwGhjypvIBTbt2aa1wjCukOAWFHwf7Pma/QUdhKRkUK4vAb9/k\nfu2t2fBOvSMguJHRO+340NsQR9LvmdruBeAyNUH64srF1jtbAg0QnvZsPyO5aIyR\nA8WrzHl3oIc0II0y7VpI+3o0J3Nn03EcBPtIKeoeyznnjNziDm72HPI2d2+5ZSRz\nxjAd4Nmw+dgGq+UMkusIXgtRK4HcEpwzfImf3zqnKHakSncnFPhGKyNEgn8bK9a7\nAeAvSqMXXsJg8weHUF2NLnAn/42k2wIE8d5BOLaIy13xz6MJn7VUI21pK0zCaGBF\nsfkRFZP0eEVh8ZzU/nWp9E5KDpbsd72biJwvjWH4OrmkfzUWxStQiVwPTxtZD9LW\nc5ZWe+vqZJV9eYRH2hAOMPaYkOQ5Z4DySNVVOFAG0eq9til8+V0k3L7ipIVd2XUB\nmsu6gVP8uZhFYNb8byVJ\n=+0e/\n-----END PGP SIGNATURE-----\n. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 9.3.3-1 of the postgresql-9.3 package. \nCVE-ID\nCVE-2015-5911 : Zachary Jones of WhiteHat Security Threat Research\nCenter\n\n\nOS X Server 5.0.3 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2015:110\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : postgresql\n Date : March 29, 2015\n Affected: Business Server 2.0\n _______________________________________________________________________\n\n Problem Description:\n\n Updated postgresql packages fix multiple security vulnerabilities:\n \n Granting a role without ADMIN OPTION is supposed to prevent the\n grantee from adding or removing members from the granted role, but\n this restriction was easily bypassed by doing SET ROLE first. The\n security impact is mostly that a role member can revoke the access\n of others, contrary to the wishes of his grantor. Unapproved role\n member additions are a lesser concern, since an uncooperative role\n member could provide most of his rights to others anyway by creating\n views or SECURITY DEFINER functions (CVE-2014-0060). \n \n The primary role of PL validator functions is to be called implicitly\n during CREATE FUNCTION, but they are also normal SQL functions\n that a user can call explicitly. Calling a validator on a function\n actually written in some other language was not checked for and could\n be exploited for privilege-escalation purposes. The fix involves\n adding a call to a privilege-checking function in each validator\n function. Non-core procedural languages will also need to make this\n change to their own validator functions, if any (CVE-2014-0061). \n \n If the name lookups come to different conclusions due to concurrent\n activity, we might perform some parts of the DDL on a different\n table than other parts. At least in the case of CREATE INDEX, this\n can be used to cause the permissions checks to be performed against\n a different table than the index creation, allowing for a privilege\n escalation attack (CVE-2014-0062). \n \n The MAXDATELEN constant was too small for the longest possible value of\n type interval, allowing a buffer overrun in interval_out(). Although\n the datetime input functions were more careful about avoiding buffer\n overrun, the limit was short enough to cause them to reject some valid\n inputs, such as input containing a very long timezone name. The ecpg\n library contained these vulnerabilities along with some of its own\n (CVE-2014-0063). \n \n Several functions, mostly type input functions, calculated an\n allocation size without checking for overflow. If overflow did\n occur, a too-small buffer would be allocated and then written past\n (CVE-2014-0064). \n \n Use strlcpy() and related functions to provide a clear guarantee\n that fixed-size buffers are not overrun. Unlike the preceding items,\n it is unclear whether these cases really represent live issues,\n since in most cases there appear to be previous constraints on the\n size of the input string. Nonetheless it seems prudent to silence\n all Coverity warnings of this type (CVE-2014-0065). \n \n There are relatively few scenarios in which crypt() could return NULL,\n but contrib/chkpass would crash if it did. One practical case in which\n this could be an issue is if libc is configured to refuse to execute\n unapproved hashing algorithms (e.g., FIPS mode) (CVE-2014-0066). \n \n Since the temporary server started by make check uses trust\n authentication, another user on the same machine could connect to it\n as database superuser, and then potentially exploit the privileges of\n the operating-system user who started the tests. A future release will\n probably incorporate changes in the testing procedure to prevent this\n risk, but some public discussion is needed first. So for the moment,\n just warn people against using make check when there are untrusted\n users on the same machine (CVE-2014-0067). \n \n A user with limited clearance on a table might have access to\n information in columns without SELECT rights on through server error\n messages (CVE-2014-8161). \n \n The function to_char() might read/write past the end of a buffer. This\n might crash the server when a formatting template is processed\n (CVE-2015-0241). \n \n The pgcrypto module is vulnerable to stack buffer overrun that might\n crash the server (CVE-2015-0243). \n \n Emil Lenngren reported that an attacker can inject SQL commands when\n the synchronization between client and server is lost (CVE-2015-0244). \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8161\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0241\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0242\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0243\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0244\n http://advisories.mageia.org/MGASA-2014-0205.html\n http://advisories.mageia.org/MGASA-2015-0069.html\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 2/X86_64:\n f99a635c6f82735fbc2b95e152f09efb mbs2/x86_64/lib64ecpg9.2_6-9.2.10-1.mbs2.x86_64.rpm\n d57166faca3e9d1b932cdd43c04b4d3a mbs2/x86_64/lib64ecpg9.3_6-9.3.6-1.mbs2.x86_64.rpm\n 6e4f38d6fb5b9bb91e9f2eab3e567e1f mbs2/x86_64/lib64pq9.2_5.5-9.2.10-1.mbs2.x86_64.rpm\n 6671c3cf6916cf829c3e3bc0332190a7 mbs2/x86_64/lib64pq9.3_5-9.3.6-1.mbs2.x86_64.rpm\n eda79e884356acdd4bc3776eb9f082d7 mbs2/x86_64/postgresql9.2-9.2.10-1.mbs2.x86_64.rpm\n 78ed2566f404f6af31337690f52851ca mbs2/x86_64/postgresql9.2-contrib-9.2.10-1.mbs2.x86_64.rpm\n 153a4a063504fa1fa1842b127712bfe0 mbs2/x86_64/postgresql9.2-devel-9.2.10-1.mbs2.x86_64.rpm\n 9bfdccf6a88c6b13496c7da4de2bca34 mbs2/x86_64/postgresql9.2-docs-9.2.10-1.mbs2.noarch.rpm\n 6b76f8d61fd457f92d90b1959fb1dea3 mbs2/x86_64/postgresql9.2-pl-9.2.10-1.mbs2.x86_64.rpm\n 8526ab569ed5362fc7a92fa23dca98b6 mbs2/x86_64/postgresql9.2-plperl-9.2.10-1.mbs2.x86_64.rpm\n 412cb6f09cb609fcbb09d3259f534dfc mbs2/x86_64/postgresql9.2-plpgsql-9.2.10-1.mbs2.x86_64.rpm\n c95ce4440833dfc828c9ee8eecbcea17 mbs2/x86_64/postgresql9.2-plpython-9.2.10-1.mbs2.x86_64.rpm\n 50b9c0b0197667b390ba47ccd00770d4 mbs2/x86_64/postgresql9.2-pltcl-9.2.10-1.mbs2.x86_64.rpm\n c019e6c9930eafc094f287ee7461aaaa mbs2/x86_64/postgresql9.2-server-9.2.10-1.mbs2.x86_64.rpm\n d2a51e59c752f3ddb3ea6c77f7502433 mbs2/x86_64/postgresql9.3-9.3.6-1.mbs2.x86_64.rpm\n 60e543ac5e51171e6669e68b0a5a2eb3 mbs2/x86_64/postgresql9.3-contrib-9.3.6-1.mbs2.x86_64.rpm\n 483126b5d66cd0f375ec9732677b2808 mbs2/x86_64/postgresql9.3-devel-9.3.6-1.mbs2.x86_64.rpm\n 0b361bfcbc87273de585f3f9c4c6a618 mbs2/x86_64/postgresql9.3-docs-9.3.6-1.mbs2.noarch.rpm\n 357b9a02ee0271876013e2db04025721 mbs2/x86_64/postgresql9.3-pl-9.3.6-1.mbs2.x86_64.rpm\n 7bd4f962c795ee04836f1e162c1e6b7e mbs2/x86_64/postgresql9.3-plperl-9.3.6-1.mbs2.x86_64.rpm\n 66e4b7668e00e0d16d6570ea7f1651fa mbs2/x86_64/postgresql9.3-plpgsql-9.3.6-1.mbs2.x86_64.rpm\n 13e4930b5a0dbe06a5b886a83401470a mbs2/x86_64/postgresql9.3-plpython-9.3.6-1.mbs2.x86_64.rpm\n 32e568d9ba610c58e6587b04d4cdb6ab mbs2/x86_64/postgresql9.3-pltcl-9.3.6-1.mbs2.x86_64.rpm\n 0b8899321e95fd17fc6aa954fb450a0d mbs2/x86_64/postgresql9.3-server-9.3.6-1.mbs2.x86_64.rpm \n f5856e921124345cf4dbadd41bfaab9d mbs2/SRPMS/postgresql9.2-9.2.10-1.mbs2.src.rpm\n ca1994bd36f7310b82ec57914dd8496d mbs2/SRPMS/postgresql9.3-9.3.6-1.mbs2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security", sources: [ { db: "NVD", id: "CVE-2014-0067", }, { db: "JVNDB", id: "JVNDB-2014-001850", }, { db: "BID", id: "65721", }, { db: "VULHUB", id: "VHN-67560", }, { db: "VULMON", id: "CVE-2014-0067", }, { db: "PACKETSTORM", id: "133079", }, { db: "PACKETSTORM", id: "125341", }, { db: "PACKETSTORM", id: "125321", }, { db: "PACKETSTORM", id: "125319", }, { db: "PACKETSTORM", id: "133619", }, { db: "PACKETSTORM", id: "131120", }, ], trust: 2.61, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2014-0067", trust: 3.5, }, { db: "BID", id: "65721", trust: 1.5, }, { db: "JVN", id: "JVNVU99970459", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2014-001850", trust: 0.8, }, { db: "DEBIAN", id: "DSA-2864", trust: 0.6, }, { db: "DEBIAN", id: "DSA-2865", trust: 0.6, }, { db: "SECUNIA", id: "56943", trust: 0.6, }, { db: "SECUNIA", id: "57322", trust: 0.6, }, { db: "SECUNIA", id: "57122", trust: 0.6, }, { db: "SECUNIA", id: "57416", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201403-587", trust: 0.6, }, { db: "SEEBUG", id: "SSVID-61544", trust: 0.1, }, { db: "VULHUB", id: "VHN-67560", trust: 0.1, }, { db: "VULMON", id: "CVE-2014-0067", trust: 0.1, }, { db: "PACKETSTORM", id: "133079", trust: 0.1, }, { db: "PACKETSTORM", id: "125341", trust: 0.1, }, { db: "PACKETSTORM", id: "125321", trust: 0.1, }, { db: "PACKETSTORM", id: "125319", trust: 0.1, }, { db: "PACKETSTORM", id: "133619", trust: 0.1, }, { db: "PACKETSTORM", id: "131120", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-67560", }, { db: "VULMON", id: "CVE-2014-0067", }, { db: "BID", id: "65721", }, { db: "JVNDB", id: "JVNDB-2014-001850", }, { db: "PACKETSTORM", id: "133079", }, { db: "PACKETSTORM", id: "125341", }, { db: "PACKETSTORM", id: "125321", }, { db: "PACKETSTORM", id: "125319", }, { db: "PACKETSTORM", id: "133619", }, { db: "PACKETSTORM", id: "131120", }, { db: "CNNVD", id: "CNNVD-201403-587", }, { db: "NVD", id: "CVE-2014-0067", }, ], }, id: "VAR-201403-0512", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-67560", }, ], trust: 0.01, }, last_update_date: "2024-11-23T20:47:20.427000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006", trust: 0.8, url: "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", }, { title: "APPLE-SA-2015-09-16-4 OS X Server 5.0.3", trust: 0.8, url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html", }, { title: "HT205031", trust: 0.8, url: "https://support.apple.com/en-us/HT205031", }, { title: "HT205219", trust: 0.8, url: "https://support.apple.com/en-us/HT205219", }, { title: "HT205219", trust: 0.8, url: "http://support.apple.com/ja-jp/HT205219", }, { title: "HT205031", trust: 0.8, url: "https://support.apple.com/ja-jp/HT205031", }, { title: "PostgreSQL 9.3.3, 9.2.7, 9.1.12, 9.0.16 and 8.4.20 released!", trust: 0.8, url: "http://www.postgresql.org/about/news/1506/", }, { title: "Security Information", trust: 0.8, url: "http://www.postgresql.org/support/security/", }, { title: "2014-02-20 Consolidated Security Update", trust: 0.8, url: "http://wiki.postgresql.org/wiki/20140220securityrelease", }, { title: "Bug 1065863", trust: 0.8, url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0067", }, { title: "Red Hat: CVE-2014-0067", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2014-0067", }, { title: "Debian Security Advisories: DSA-2864-1 postgresql-8.4 -- several vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=381da60c2b1339b05afc77c669c7ce7b", }, { title: "Debian Security Advisories: DSA-2865-1 postgresql-9.1 -- several vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=4b77f25b0fdd73a587012b7098bd8577", }, { title: "Amazon Linux AMI: ALAS-2015-492", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2015-492", }, { title: "", trust: 0.1, url: "https://github.com/DButter/whitehat_public ", }, ], sources: [ { db: "VULMON", id: "CVE-2014-0067", }, { db: "JVNDB", id: "JVNDB-2014-001850", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-264", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-67560", }, { db: "JVNDB", id: "JVNDB-2014-001850", }, { db: "NVD", id: "CVE-2014-0067", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "http://www.debian.org/security/2014/dsa-2864", }, { trust: 1.8, url: "http://www.debian.org/security/2014/dsa-2865", }, { trust: 1.8, url: "http://wiki.postgresql.org/wiki/20140220securityrelease", }, { trust: 1.8, url: "http://www.postgresql.org/about/news/1506/", }, { trust: 1.3, url: "http://www.securityfocus.com/bid/65721", }, { trust: 1.2, url: "http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html", }, { trust: 1.2, url: "http://lists.apple.com/archives/security-announce/2015/sep/msg00004.html", }, { trust: 1.2, url: "https://support.apple.com/ht205219", }, { trust: 1.2, url: "https://support.apple.com/kb/ht205031", }, { trust: 1.2, url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html", }, { trust: 1.2, url: "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html", }, { trust: 1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0067", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu99970459/index.html", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0067", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0067", }, { trust: 0.6, url: "http://secunia.com/advisories/56943", }, { trust: 0.6, url: "http://secunia.com/advisories/57122", }, { trust: 0.6, url: "http://secunia.com/advisories/57322", }, { trust: 0.6, url: "http://secunia.com/advisories/57416", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0064", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0063", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0061", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0066", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0062", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0060", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0065", }, { trust: 0.3, url: "http://www.postgresql.org/", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2014-8161", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2014-8109", }, { trust: 0.2, url: "https://support.apple.com/kb/ht201222", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2014-3583", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2014-3581", }, { trust: 0.2, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0066", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0064", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0062", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0065", }, { trust: 0.2, url: "http://www.mandriva.com/en/support/security/", }, { trust: 0.2, url: "http://www.mandriva.com/en/support/security/advisories/", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0060", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0061", }, { trust: 0.2, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0063", }, { trust: 0.2, url: "http://www.debian.org/security/faq", }, { trust: 0.2, url: "http://www.debian.org/security/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2015-0242", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2015-0241", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2015-0243", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2015-0244", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/264.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2014-0067", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1775", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-3613", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-7185", }, { trust: 0.1, url: "https://support.apple.com/en-us/ht205033", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-2776", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-7422", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-8767", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2009-5044", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-3620", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-2777", }, { trust: 0.1, url: "http://www.apple.com/support/downloads/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-7844", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0106", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-1776", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-8769", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-7338", }, { trust: 0.1, url: "https://www.safeye.org)", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-3707", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-0191", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2009-5078", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-7040", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2012-6685", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-8150", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-8151", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-3660", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-1912", }, { trust: 0.1, url: "http://www.postgresql.org/docs/9.2/static/release-9-2-6.html", }, { trust: 0.1, url: "http://www.postgresql.org/docs/9.2/static/release-9-2-5.html", }, { trust: 0.1, url: "http://www.postgresql.org/docs/9.2/static/release-9-2-7.html", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-3185", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2014-8500", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-0253", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-3183", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-1349", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-0228", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-5911", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-3166", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-3165", }, { trust: 0.1, url: "http://gpgtools.org", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2013-5704", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-3167", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0242", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0244", }, { trust: 0.1, url: "http://advisories.mageia.org/mgasa-2014-0205.html", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8161", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0241", }, { trust: 0.1, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0243", }, { trust: 0.1, url: "http://advisories.mageia.org/mgasa-2015-0069.html", }, ], sources: [ { db: "VULHUB", id: "VHN-67560", }, { db: "VULMON", id: "CVE-2014-0067", }, { db: "BID", id: "65721", }, { db: "JVNDB", id: "JVNDB-2014-001850", }, { db: "PACKETSTORM", id: "133079", }, { db: "PACKETSTORM", id: "125341", }, { db: "PACKETSTORM", id: "125321", }, { db: "PACKETSTORM", id: "125319", }, { db: "PACKETSTORM", id: "133619", }, { db: "PACKETSTORM", id: "131120", }, { db: "CNNVD", id: "CNNVD-201403-587", }, { db: "NVD", id: "CVE-2014-0067", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-67560", }, { db: "VULMON", id: "CVE-2014-0067", }, { db: "BID", id: "65721", }, { db: "JVNDB", id: "JVNDB-2014-001850", }, { db: "PACKETSTORM", id: "133079", }, { db: "PACKETSTORM", id: "125341", }, { db: "PACKETSTORM", id: "125321", }, { db: "PACKETSTORM", id: "125319", }, { db: "PACKETSTORM", id: "133619", }, { db: "PACKETSTORM", id: "131120", }, { db: "CNNVD", id: "CNNVD-201403-587", }, { db: "NVD", id: "CVE-2014-0067", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-03-31T00:00:00", db: "VULHUB", id: "VHN-67560", }, { date: "2014-03-31T00:00:00", db: "VULMON", id: "CVE-2014-0067", }, { date: "2014-02-17T00:00:00", db: "BID", id: "65721", }, { date: "2014-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2014-001850", }, { date: "2015-08-13T22:15:27", db: "PACKETSTORM", id: "133079", }, { date: "2014-02-22T03:39:19", db: "PACKETSTORM", id: "125341", }, { date: "2014-02-21T06:21:40", db: "PACKETSTORM", id: "125321", }, { date: "2014-02-21T06:21:19", db: "PACKETSTORM", id: "125319", }, { date: "2015-09-19T15:37:27", db: "PACKETSTORM", id: "133619", }, { date: "2015-03-30T21:34:58", db: "PACKETSTORM", id: "131120", }, { date: "2014-03-31T00:00:00", db: "CNNVD", id: "CNNVD-201403-587", }, { date: "2014-03-31T14:58:15.787000", db: "NVD", id: "CVE-2014-0067", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2017-12-16T00:00:00", db: "VULHUB", id: "VHN-67560", }, { date: "2017-12-16T00:00:00", db: "VULMON", id: "CVE-2014-0067", }, { date: "2015-11-03T19:43:00", db: "BID", id: "65721", }, { date: "2015-10-05T00:00:00", db: "JVNDB", id: "JVNDB-2014-001850", }, { date: "2014-04-01T00:00:00", db: "CNNVD", id: "CNNVD-201403-587", }, { date: "2024-11-21T02:01:17.450000", db: "NVD", id: "CVE-2014-0067", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "BID", id: "65721", }, { db: "CNNVD", id: "CNNVD-201403-587", }, ], trust: 0.9, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "PostgreSQL For the test suite \"make check\" Command privilege vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2014-001850", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "permissions and access control", sources: [ { db: "CNNVD", id: "CNNVD-201403-587", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.