File _patchinfo of Package patchinfo.19733
<patchinfo incident="19733"> <issue tracker="cve" id="2021-32029"/> <issue tracker="cve" id="2021-32028"/> <issue tracker="cve" id="2021-32027"/> <issue tracker="bnc" id="1185925">VUL-0: CVE-2021-32028: postgresql: Fix mishandling of “junk” columns in INSERT ... ON CONFLICT ... UPDATE target lists</issue> <issue tracker="bnc" id="1179945">[icu68] postgresql fails to build</issue> <issue tracker="bnc" id="1183118">Upgrade to Leap 15.3 does not work for postgresql</issue> <issue tracker="bnc" id="1185924">VUL-0: CVE-2021-32027: postgresql: Prevent integer overflows in array subscripting calculations</issue> <issue tracker="bnc" id="1185926">VUL-0: CVE-2021-32029: postgresql: Fix possibly-incorrect computation of UPDATE ... RETURNING outputs for joined cross-partition updates</issue> <issue tracker="bnc" id="1183168">postgresql13: uninstall fails due to valid script expansion</issue> <packager>rmax</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for postgresql12</summary> <description>This update for postgresql12 fixes the following issues: Upgrade to version 12.7: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations (bsc#1185924). - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists (bsc#1185925). - CVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ... RETURNING outputs for joined cross-partition updates (bsc#1185926). - Don't use %_stop_on_removal, because it was meant to be private and got removed from openSUSE. %_restart_on_update is also private, but still supported and needed for now (bsc#1183168). - Re-enable build of the llvmjit subpackage on SLE, but it will only be delivered on PackageHub for now (bsc#1183118). - Disable icu for PostgreSQL 10 (and older) on TW (bsc#1179945). </description> </patchinfo>
