Test Kennung:	1.3.6.1.4.1.25623.1.0.851400
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for postgresql93 (openSUSE-SU-2016:2425-1)
Zusammenfassung:	The remote host is missing an update for the 'postgresql93'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'postgresql93' package(s) announced via the referenced advisory. Vulnerability Insight: The postgresql server postgresql93 was updated to 9.3.14 fixes the following issues: Update to version 9.3.14: * Fix possible mis-evaluation of nested CASE-WHEN expressions (CVE-2016-5423, boo#993454) * Fix client programs' handling of special characters in database and role names (CVE-2016-5424, boo#993453) * Fix corner-case misbehaviors for IS NULL/IS NOT NULL applied to nested composite values * Make the inet and cidr data types properly reject IPv6 addresses with too many colon-separated fields * Prevent crash in close_ps() (the point ## lseg operator) for NaN input coordinates * Fix several one-byte buffer over-reads in to_number() * Avoid unsafe intermediate state during expensive paths through heap_update() Update to version 9.3.13: This update fixes several problems which caused downtime for users, including: - Clearing the OpenSSL error queue before OpenSSL calls, preventing errors in SSL connections, particularly when using the Python, Ruby or PHP OpenSSL wrappers - Fixed the 'failed to build N-way joins' planner error - Fixed incorrect handling of equivalence in multilevel nestloop query plans, which could emit rows which didn't match the WHERE clause. - Prevented two memory leaks with using GIN indexes, including a potential index corruption risk. The release also includes many other bug fixes for reported issues, many of which affect all supported versions: - Fix corner-case parser failures occurring when operator_precedence_warning is turned on - Prevent possible misbehavior of TH, th, and Y, YYY format codes in to_timestamp() - Correct dumping of VIEWs and RULEs which use ANY (array) in a subselect - Disallow newlines in ALTER SYSTEM parameter values - Avoid possible misbehavior after failing to remove a tablespace symlink - Fix crash in logical decoding on alignment-picky platforms - Avoid repeated requests for feedback from receiver while shutting down walsender - Multiple fixes for pg_upgrade - Support building with Visual Studio 2015 - This update also contains tzdata release 2016d, with updates for Russia, Venezuela, Kirov, and Tomsk. Update to version 9.3.12: - Fix two bugs in indexed ROW() comparisons - Avoid dat ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: postgresql93 on openSUSE 13.2 Solution: Please install the updated package(s). CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-5423 BugTraq ID: 92433 http://www.securityfocus.com/bid/92433 Debian Security Information: DSA-3646 (Google Search) http://www.debian.org/security/2016/dsa-3646 https://security.gentoo.org/glsa/201701-33 RedHat Security Advisories: RHSA-2016:1781 http://rhn.redhat.com/errata/RHSA-2016-1781.html RedHat Security Advisories: RHSA-2016:1820 http://rhn.redhat.com/errata/RHSA-2016-1820.html RedHat Security Advisories: RHSA-2016:1821 http://rhn.redhat.com/errata/RHSA-2016-1821.html RedHat Security Advisories: RHSA-2016:2606 http://rhn.redhat.com/errata/RHSA-2016-2606.html RedHat Security Advisories: RHSA-2017:2425 https://access.redhat.com/errata/RHSA-2017:2425 http://www.securitytracker.com/id/1036617 Common Vulnerability Exposure (CVE) ID: CVE-2016-5424 BugTraq ID: 92435 http://www.securityfocus.com/bid/92435
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.