File _patchinfo of Package patchinfo
<patchinfo incident="6626">
<issue id="973660" tracker="bnc">postgresql needs Requires for timezone to be run in docker image</issue>
<issue id="993453" tracker="bnc">VUL-0: CVE-2016-5424 : postgresql: privilege escalation via crafted database and role names</issue>
<issue id="993454" tracker="bnc">VUL-0: CVE-2016-5423: postgresql: CASE/WHEN with inlining can cause untrusted pointer dereference</issue>
<issue id="2016-5423" tracker="cve" />
<issue id="2016-5424" tracker="cve" />
<issue tracker="bnc" id="1029547" />
<category>security</category>
<rating>important</rating>
<packager>faweiss</packager>
<description>This update for postgresql93 to version 9.3.14 fixes the several issues.
These security issues were fixed:
- CVE-2016-5423: CASE/WHEN with inlining can cause untrusted pointer dereference (bsc#993454).
- CVE-2016-5424: Fix client programs' handling of special characters in database and role names (bsc#993453).
This non-security issue was fixed:
- bsc#973660: Added "Requires: timezone" to Service Pack
- bsc#1029547: postgresql: fails to build with timezone 2017a
For additional non-security issues please refer to
- http://www.postgresql.org/docs/9.3/static/release-9-3-14.html
- http://www.postgresql.org/docs/9.3/static/release-9-3-13.html
- http://www.postgresql.org/docs/9.4/static/release-9-3-12.html
This update was imported from the SUSE:SLE-12:Update update project.</description>
<summary>Security update for postgresql93</summary>
</patchinfo>