SUSE Container Update Advisory: suse/postgres ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:4156-1 Container Tags : suse/postgres:16 , suse/postgres:16-42.7 , suse/postgres:16.4 , suse/postgres:16.4-42.7 , suse/postgres:latest Container Release : 42.7 Severity : important Type : security References : 1224038 1224051 1228042 1229013 CVE-2024-4317 CVE-2024-7348 ----------------------------------------------------------------- The container suse/postgres was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3159-1 Released: Fri Sep 6 12:15:52 2024 Summary: Security update for postgresql16 Type: security Severity: important References: 1224038,1224051,1229013,CVE-2024-4317,CVE-2024-7348 This update for postgresql16 fixes the following issues: - Upgrade to 16.4 (bsc#1229013) - CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) - CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See the release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3166-1 Released: Mon Sep 9 12:25:30 2024 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1228042 This update for glibc fixes the following issue: - s390x-wcsncmp patch for s390x: Fix segfault in wcsncmp (bsc#1228042). The following package changes have been done: - glibc-2.38-150600.14.8.2 updated - glibc-locale-base-2.38-150600.14.8.2 updated - libpq5-16.4-150600.16.5.1 updated - glibc-locale-2.38-150600.14.8.2 updated - postgresql16-16.4-150600.16.5.1 updated - postgresql16-server-16.4-150600.16.5.1 updated - container:sles15-image-15.6.0-47.11.12 updated