Lucene search

HistoryAug 17, 2020 - 12:00 a.m.

Security update for postgresql, postgresql96, postgresql10, postgresql12 (moderate)


0.002 Low




An update that solves two vulnerabilities and has two fixes
is now available.


This update for postgresql, postgresql96, postgresql10, postgresql12 fixes
the following issues:

Postgresql12 was updated to 12.3 (bsc#1171924).

Also changed in the postgresql wrapper package:

  • Bump version to 12.0.1, so that the binary packages also have a
    cut-point to conflict with.

  • Conflict with versions of the binary packages prior to the May 2020
    update, because we changed the package layout at that point and need a
    clean cutover.

  • Bump package version to 12, but leave default at 10 for SLE-15 and

postgresql11 was updated to 11.9:

  • Pack the /usr/lib/postgresql symlink only into the main package.

postgresql11 was updated to 11.8 (bsc#1171924).

  • Unify the spec file to work across all current PostgreSQL versions to
    simplify future maintenance.
  • Move from the “libs” build flavour to a “mini” package that will
    only be used inside the build service and not get shipped, to avoid
    confusion with the debuginfo packages (bsc#1148643).

postgresql10 was updated to 10.13 (bsc#1171924).

postgresql96 was updated to 9.6.19:

 * CVE-2020-14350, boo#1175194: Make contrib modules' installation
   scripts more secure.
  • Pack the /usr/lib/postgresql symlink only into the main package.

  • Let postgresqlXX conflict with postgresql-noarch < 12.0.1 to get a clean
    and complete cutover to the new packaging schema.

  • update to 9.6.18 (boo#1171924).

  • Unify the spec file to work across all current PostgreSQL versions to
    simplify future maintenance.

  • Move from the “libs” build flavour to a “mini” package that will
    only be used inside the build service and not get shipped, to avoid
    confusion with the debuginfo packages (boo#1148643).

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.2:

    zypper in -t patch openSUSE-2020-1228=1

openSUSE Leap15.2i586< - openSUSE Leap 15.2 (i586 x86_64):- openSUSE Leap 15.2 (i586 x86_64):.i586.rpm
openSUSE Leap15.2x86_64< - openSUSE Leap 15.2 (i586 x86_64):- openSUSE Leap 15.2 (i586 x86_64):.x86_64.rpm
openSUSE Leap15.2noarch< - openSUSE Leap 15.2 (noarch):- openSUSE Leap 15.2 (noarch):.noarch.rpm
openSUSE Leap15.2x86_64< - openSUSE Leap 15.2 (x86_64):- openSUSE Leap 15.2 (x86_64):.x86_64.rpm