suse-su-2015:0478-1
Vulnerability from csaf_suse
Published
2015-02-23 15:59
Modified
2015-02-23 15:59
Summary
Security update for postgresql93
Notes
Title of the patch
Security update for postgresql93
Description of the patch
postgresql93 was updated to version 9.3.6 to fix four security issues.
These security issues were fixed:
- CVE-2015-0241: Fix buffer overruns in to_char() (bnc#916953).
- CVE-2015-0243: Fix buffer overruns in contrib/pgcrypto (bnc#916953).
- CVE-2015-0244: Fix possible loss of frontend/backend protocol synchronization after an error (bnc#916953).
- CVE-2014-8161: Fix information leak via constraint-violation error messages (bnc#916953).
This non-security issue was fixed:
- Move the server socket from /tmp to /var/run to avoid
problems with clients that use PrivateTmp (bnc#888564).
More information is available at http://www.postgresql.org/docs/9.3/static/release-9-3-6.html
Patchnames
SUSE-SLE-DESKTOP-12-2015-118,SUSE-SLE-SDK-12-2015-118,SUSE-SLE-SERVER-12-2015-118
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for postgresql93",
"title": "Title of the patch"
},
{
"category": "description",
"text": "postgresql93 was updated to version 9.3.6 to fix four security issues.\n\nThese security issues were fixed:\n- CVE-2015-0241: Fix buffer overruns in to_char() (bnc#916953).\n- CVE-2015-0243: Fix buffer overruns in contrib/pgcrypto (bnc#916953).\n- CVE-2015-0244: Fix possible loss of frontend/backend protocol synchronization after an error (bnc#916953).\n- CVE-2014-8161: Fix information leak via constraint-violation error messages (bnc#916953).\n\nThis non-security issue was fixed:\n- Move the server socket from /tmp to /var/run to avoid\n problems with clients that use PrivateTmp (bnc#888564).\n\nMore information is available at http://www.postgresql.org/docs/9.3/static/release-9-3-6.html\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-2015-118,SUSE-SLE-SDK-12-2015-118,SUSE-SLE-SERVER-12-2015-118",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0478-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:0478-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150478-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:0478-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-March/001280.html"
},
{
"category": "self",
"summary": "SUSE Bug 888564",
"url": "https://bugzilla.suse.com/888564"
},
{
"category": "self",
"summary": "SUSE Bug 916953",
"url": "https://bugzilla.suse.com/916953"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8161 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0241 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0241/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0243 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0243/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-0244 page",
"url": "https://www.suse.com/security/cve/CVE-2015-0244/"
}
],
"title": "Security update for postgresql93",
"tracking": {
"current_release_date": "2015-02-23T15:59:41Z",
"generator": {
"date": "2015-02-23T15:59:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:0478-1",
"initial_release_date": "2015-02-23T15:59:41Z",
"revision_history": [
{
"date": "2015-02-23T15:59:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "postgresql93-docs-9.3.6-5.2.noarch",
"product": {
"name": "postgresql93-docs-9.3.6-5.2.noarch",
"product_id": "postgresql93-docs-9.3.6-5.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "postgresql93-devel-9.3.6-5.1.ppc64le",
"product": {
"name": "postgresql93-devel-9.3.6-5.1.ppc64le",
"product_id": "postgresql93-devel-9.3.6-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libecpg6-9.3.6-5.1.ppc64le",
"product": {
"name": "libecpg6-9.3.6-5.1.ppc64le",
"product_id": "libecpg6-9.3.6-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpq5-9.3.6-5.1.ppc64le",
"product": {
"name": "libpq5-9.3.6-5.1.ppc64le",
"product_id": "libpq5-9.3.6-5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql93-9.3.6-5.2.ppc64le",
"product": {
"name": "postgresql93-9.3.6-5.2.ppc64le",
"product_id": "postgresql93-9.3.6-5.2.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql93-contrib-9.3.6-5.2.ppc64le",
"product": {
"name": "postgresql93-contrib-9.3.6-5.2.ppc64le",
"product_id": "postgresql93-contrib-9.3.6-5.2.ppc64le"
}
},
{
"category": "product_version",
"name": "postgresql93-server-9.3.6-5.2.ppc64le",
"product": {
"name": "postgresql93-server-9.3.6-5.2.ppc64le",
"product_id": "postgresql93-server-9.3.6-5.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "postgresql93-devel-9.3.6-5.1.s390x",
"product": {
"name": "postgresql93-devel-9.3.6-5.1.s390x",
"product_id": "postgresql93-devel-9.3.6-5.1.s390x"
}
},
{
"category": "product_version",
"name": "libecpg6-9.3.6-5.1.s390x",
"product": {
"name": "libecpg6-9.3.6-5.1.s390x",
"product_id": "libecpg6-9.3.6-5.1.s390x"
}
},
{
"category": "product_version",
"name": "libpq5-9.3.6-5.1.s390x",
"product": {
"name": "libpq5-9.3.6-5.1.s390x",
"product_id": "libpq5-9.3.6-5.1.s390x"
}
},
{
"category": "product_version",
"name": "libpq5-32bit-9.3.6-5.1.s390x",
"product": {
"name": "libpq5-32bit-9.3.6-5.1.s390x",
"product_id": "libpq5-32bit-9.3.6-5.1.s390x"
}
},
{
"category": "product_version",
"name": "postgresql93-9.3.6-5.2.s390x",
"product": {
"name": "postgresql93-9.3.6-5.2.s390x",
"product_id": "postgresql93-9.3.6-5.2.s390x"
}
},
{
"category": "product_version",
"name": "postgresql93-contrib-9.3.6-5.2.s390x",
"product": {
"name": "postgresql93-contrib-9.3.6-5.2.s390x",
"product_id": "postgresql93-contrib-9.3.6-5.2.s390x"
}
},
{
"category": "product_version",
"name": "postgresql93-server-9.3.6-5.2.s390x",
"product": {
"name": "postgresql93-server-9.3.6-5.2.s390x",
"product_id": "postgresql93-server-9.3.6-5.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libecpg6-9.3.6-5.1.x86_64",
"product": {
"name": "libecpg6-9.3.6-5.1.x86_64",
"product_id": "libecpg6-9.3.6-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpq5-9.3.6-5.1.x86_64",
"product": {
"name": "libpq5-9.3.6-5.1.x86_64",
"product_id": "libpq5-9.3.6-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpq5-32bit-9.3.6-5.1.x86_64",
"product": {
"name": "libpq5-32bit-9.3.6-5.1.x86_64",
"product_id": "libpq5-32bit-9.3.6-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql93-9.3.6-5.2.x86_64",
"product": {
"name": "postgresql93-9.3.6-5.2.x86_64",
"product_id": "postgresql93-9.3.6-5.2.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql93-devel-9.3.6-5.1.x86_64",
"product": {
"name": "postgresql93-devel-9.3.6-5.1.x86_64",
"product_id": "postgresql93-devel-9.3.6-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql93-contrib-9.3.6-5.2.x86_64",
"product": {
"name": "postgresql93-contrib-9.3.6-5.2.x86_64",
"product_id": "postgresql93-contrib-9.3.6-5.2.x86_64"
}
},
{
"category": "product_version",
"name": "postgresql93-server-9.3.6-5.2.x86_64",
"product": {
"name": "postgresql93-server-9.3.6-5.2.x86_64",
"product_id": "postgresql93-server-9.3.6-5.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12",
"product": {
"name": "SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libecpg6-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64"
},
"product_reference": "libecpg6-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64"
},
"product_reference": "libpq5-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-32bit-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64"
},
"product_reference": "libpq5-32bit-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-9.3.6-5.2.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64"
},
"product_reference": "postgresql93-9.3.6-5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-devel-9.3.6-5.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le"
},
"product_reference": "postgresql93-devel-9.3.6-5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-devel-9.3.6-5.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x"
},
"product_reference": "postgresql93-devel-9.3.6-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-devel-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
},
"product_reference": "postgresql93-devel-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecpg6-9.3.6-5.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le"
},
"product_reference": "libecpg6-9.3.6-5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecpg6-9.3.6-5.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x"
},
"product_reference": "libecpg6-9.3.6-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecpg6-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64"
},
"product_reference": "libecpg6-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-9.3.6-5.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le"
},
"product_reference": "libpq5-9.3.6-5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-9.3.6-5.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x"
},
"product_reference": "libpq5-9.3.6-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64"
},
"product_reference": "libpq5-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-32bit-9.3.6-5.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x"
},
"product_reference": "libpq5-32bit-9.3.6-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-32bit-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64"
},
"product_reference": "libpq5-32bit-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-9.3.6-5.2.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le"
},
"product_reference": "postgresql93-9.3.6-5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-9.3.6-5.2.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x"
},
"product_reference": "postgresql93-9.3.6-5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-9.3.6-5.2.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64"
},
"product_reference": "postgresql93-9.3.6-5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-contrib-9.3.6-5.2.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le"
},
"product_reference": "postgresql93-contrib-9.3.6-5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-contrib-9.3.6-5.2.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x"
},
"product_reference": "postgresql93-contrib-9.3.6-5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-contrib-9.3.6-5.2.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64"
},
"product_reference": "postgresql93-contrib-9.3.6-5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-docs-9.3.6-5.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch"
},
"product_reference": "postgresql93-docs-9.3.6-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-server-9.3.6-5.2.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le"
},
"product_reference": "postgresql93-server-9.3.6-5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-server-9.3.6-5.2.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x"
},
"product_reference": "postgresql93-server-9.3.6-5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-server-9.3.6-5.2.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64"
},
"product_reference": "postgresql93-server-9.3.6-5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecpg6-9.3.6-5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le"
},
"product_reference": "libecpg6-9.3.6-5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecpg6-9.3.6-5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x"
},
"product_reference": "libecpg6-9.3.6-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libecpg6-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64"
},
"product_reference": "libecpg6-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-9.3.6-5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le"
},
"product_reference": "libpq5-9.3.6-5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-9.3.6-5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x"
},
"product_reference": "libpq5-9.3.6-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64"
},
"product_reference": "libpq5-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-32bit-9.3.6-5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x"
},
"product_reference": "libpq5-32bit-9.3.6-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpq5-32bit-9.3.6-5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64"
},
"product_reference": "libpq5-32bit-9.3.6-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-9.3.6-5.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le"
},
"product_reference": "postgresql93-9.3.6-5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-9.3.6-5.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x"
},
"product_reference": "postgresql93-9.3.6-5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-9.3.6-5.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64"
},
"product_reference": "postgresql93-9.3.6-5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-contrib-9.3.6-5.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le"
},
"product_reference": "postgresql93-contrib-9.3.6-5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-contrib-9.3.6-5.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x"
},
"product_reference": "postgresql93-contrib-9.3.6-5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-contrib-9.3.6-5.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64"
},
"product_reference": "postgresql93-contrib-9.3.6-5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-docs-9.3.6-5.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch"
},
"product_reference": "postgresql93-docs-9.3.6-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-server-9.3.6-5.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le"
},
"product_reference": "postgresql93-server-9.3.6-5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-server-9.3.6-5.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x"
},
"product_reference": "postgresql93-server-9.3.6-5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql93-server-9.3.6-5.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64"
},
"product_reference": "postgresql93-server-9.3.6-5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-8161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8161"
}
],
"notes": [
{
"category": "general",
"text": "PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8161",
"url": "https://www.suse.com/security/cve/CVE-2014-8161"
},
{
"category": "external",
"summary": "SUSE Bug 916953 for CVE-2014-8161",
"url": "https://bugzilla.suse.com/916953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-23T15:59:41Z",
"details": "moderate"
}
],
"title": "CVE-2014-8161"
},
{
"cve": "CVE-2015-0241",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0241"
}
],
"notes": [
{
"category": "general",
"text": "The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0241",
"url": "https://www.suse.com/security/cve/CVE-2015-0241"
},
{
"category": "external",
"summary": "SUSE Bug 916953 for CVE-2015-0241",
"url": "https://bugzilla.suse.com/916953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-23T15:59:41Z",
"details": "moderate"
}
],
"title": "CVE-2015-0241"
},
{
"cve": "CVE-2015-0243",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0243"
}
],
"notes": [
{
"category": "general",
"text": "Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0243",
"url": "https://www.suse.com/security/cve/CVE-2015-0243"
},
{
"category": "external",
"summary": "SUSE Bug 916953 for CVE-2015-0243",
"url": "https://bugzilla.suse.com/916953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-23T15:59:41Z",
"details": "moderate"
}
],
"title": "CVE-2015-0243"
},
{
"cve": "CVE-2015-0244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-0244"
}
],
"notes": [
{
"category": "general",
"text": "PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-0244",
"url": "https://www.suse.com/security/cve/CVE-2015-0244"
},
{
"category": "external",
"summary": "SUSE Bug 916953 for CVE-2015-0244",
"url": "https://bugzilla.suse.com/916953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Desktop 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libecpg6-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-32bit-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:libpq5-9.3.6-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.6-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.6-5.2.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.6-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-02-23T15:59:41Z",
"details": "moderate"
}
],
"title": "CVE-2015-0244"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…