Security update for postgresql96
This update for postgresql96 fixes the following issues:
Security issues fixed:
- CVE-2017-15098: Fix crash due to rowtype mismatch in json{b}_populate_recordset() (bsc#1067844).
- CVE-2017-15099: Ensure that INSERT ... ON CONFLICT DO UPDATE checks table permissions and RLS policies in all cases (bsc#1067841).
Bug fixes:
- Update to version 9.6.6:
* https://www.postgresql.org/docs/9.6/static/release-9-6-6.html
* https://www.postgresql.org/docs/9.6/static/release-9-6-5.html
This update was imported from the SUSE:SLE-12:Update update project.
- Submitted by Reinhard Max (rmax)
Fixed bugs
bnc#1067844
VUL-0: CVE-2017-15098: postgresql94,postgresql96: Memory disclosure in JSON functions
bnc#1067841
VUL-0: CVE-2017-15099: postgresql96: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges