Update for ImageMagick, ImageMagick.256, Mozilla... security moderate

postgresql: security and bugfix upgrade to 9.0.10

This version upgrade of PostgreSQL fixes following issues:

- Bugfix release 9.0.10:
* Fix planner's assignment of executor parameters, and fix
executor's rescan logic for CTE plan nodes.
* Improve page-splitting decisions in GiST indexes.
* Fix cascading privilege revoke to stop if privileges are still
* Improve error messages for Hot Standby misconfiguration errors.
* Fix handling of SIGFPE when PL/Perl is in use.
* Prevent PL/Perl from crashing if a recursive PL/Perl function
is redefined while being executed.
* Work around possible misoptimization in PL/Perl.
- See also: http://www.postgresql.org/docs/9.0/static/release.html

- Security and bugfix release 9.0.9:
* Prevent access to external files/URLs via contrib/xml2
(CVE-2012-3488, bnc#776523).
* Prevent access to external files/URLs via XML entity references
(CVE-2012-3489, bnc#776524).
* Fix incorrect password transformation in contrib/pgcrypto
(CVE-2012-2143, bnc#766799).
* Ignore SECURITY DEFINER and SET attributes for a procedural
language's call handler (CVE-2012-2655, bnc#765069).
- See also: http://www.postgresql.org/docs/9.0/static/release.html
- Rename postgresql-mkspecfiles to pre_checkin.sh

Fixed bugs
CVE-2012-2655: postgresql: denial of service (stack exhaustion) via specially-crafted SQL
CVE-2012-3488: postgresql: arbitrary read + write of files via XSL functionality
CVE-2012-2143: postgresql: BSD crypt 8bit character mishandling
CVE-2012-3489: postgresql: determination of the existence of files
Selected Binaries
openSUSE Build Service is sponsored by