SUSE Container Update Advisory: suse/postgres
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:1788-1
Container Tags        : suse/postgres:15 , suse/postgres:15-5.19 , suse/postgres:15.3 , suse/postgres:15.3-5.19 , suse/postgres:latest
Container Release     : 5.19
Severity              : important
Type                  : security
References            : 1203141 1206513 1207410 1210164 1210303 1210434 1210593 1210702
                        1211228 1211229 1211230 1211231 1211232 1211233 1211430 CVE-2023-2454
                        CVE-2023-2455 CVE-2023-2650 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321
                        CVE-2023-28322 CVE-2023-29491 
-----------------------------------------------------------------

The container suse/postgres was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2111-1
Released:    Fri May  5 14:34:00 2023
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1210434,CVE-2023-29491
This update for ncurses fixes the following issues:

- CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data (bsc#1210434).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2133-1
Released:    Tue May  9 13:37:10 2023
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1206513
This update for zlib fixes the following issues:

- Add DFLTCC support for using inflate() with a small window (bsc#1206513)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2207-1
Released:    Mon May 15 13:20:56 2023
Summary:     Security update for postgresql15
Type:        security
Severity:    important
References:  1210303,1211228,1211229,CVE-2023-2454,CVE-2023-2455
This update for postgresql15 fixes the following issues:

Updated to version 15.3:
  - CVE-2023-2454: Fixed an issue where a user having permission to
    create a schema could hijack the privileges of a security definer
    function or extension script (bsc#1211228).
  - CVE-2023-2455: Fixed an issue that could allow a user to see or
    modify rows that should have been invisible (bsc#1211229).
  - Internal fixes (bsc#1210303).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2224-1
Released:    Wed May 17 09:53:54 2023
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1211230,1211231,1211232,1211233,CVE-2023-28319,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322
This update for curl adds the following feature:

Update to version 8.0.1 (jsc#PED-2580)

- CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230).
- CVE-2023-28320: siglongjmp race condition (bsc#1211231).
- CVE-2023-28321: IDN wildcard matching (bsc#1211232).
- CVE-2023-28322: POST-after-PUT confusion (bsc#1211233).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2240-1
Released:    Wed May 17 19:56:54 2023
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1203141,1207410
This update for systemd fixes the following issues:

- udev-rules: fix nvme symlink creation on namespace changes (bsc#1207410)
- Optimize when hundred workers claim the same symlink with the same priority (bsc#1203141)
- Add nss-resolve and systemd-network to Packagehub-Subpackages (MSC-626)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2307-1
Released:    Mon May 29 10:29:49 2023
Summary:     Recommended update for kbd
Type:        recommended
Severity:    low
References:  1210702
This update for kbd fixes the following issue:

- Add 'ara' vc keymap, 'ara' is slightly better than 'arabic' as it matches the name of its X11 layout counterpart. (bsc#1210702)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2317-1
Released:    Tue May 30 14:01:22 2023
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1210164
This update for util-linux fixes the following issue:

- Add upstream patch to prevent possible performance degradation of libuuid (bsc#1210164)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2333-1
Released:    Wed May 31 09:01:28 2023
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1210593
This update for zlib fixes the following issue:

- Fix function calling order to avoid crashes (bsc#1210593)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2342-1
Released:    Thu Jun  1 11:34:20 2023
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1211430,CVE-2023-2650
This update for openssl-1_1 fixes the following issues:

- CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers (bsc#1211430).


The following package changes have been done:

- libuuid1-2.37.2-150400.8.17.1 updated
- libudev1-249.16-150400.8.28.3 updated
- libsmartcols1-2.37.2-150400.8.17.1 updated
- libblkid1-2.37.2-150400.8.17.1 updated
- libfdisk1-2.37.2-150400.8.17.1 updated
- libz1-1.2.11-150000.3.45.1 updated
- libncurses6-6.1-150000.5.15.1 updated
- terminfo-base-6.1-150000.5.15.1 updated
- ncurses-utils-6.1-150000.5.15.1 updated
- libsystemd0-249.16-150400.8.28.3 updated
- libopenssl1_1-1.1.1l-150400.7.37.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.37.1 updated
- libmount1-2.37.2-150400.8.17.1 updated
- libcurl4-8.0.1-150400.5.23.1 updated
- util-linux-2.37.2-150400.8.17.1 updated
- kbd-legacy-2.4.0-150400.5.6.1 updated
- libpq5-15.3-150200.5.9.1 updated
- kbd-2.4.0-150400.5.6.1 updated
- postgresql15-15.3-150200.5.9.1 updated
- systemd-249.16-150400.8.28.3 updated
- postgresql15-server-15.3-150200.5.9.1 updated
- container:sles15-image-15.0.0-27.14.66 updated

SUSE: 2023:1788-1 suse/postgres Security Update

June 6, 2023
The container suse/postgres was updated
