{"affected":[{"ecosystem_specific":{"binaries":[{"postgresql93":"9.3.11-14.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12","name":"postgresql93","purl":"pkg:rpm/suse/postgresql93&distro=SUSE%20Linux%20Enterprise%20Desktop%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.3.11-14.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"postgresql93-devel":"9.3.11-14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12","name":"postgresql93-libs","purl":"pkg:rpm/suse/postgresql93-libs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.3.11-14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"postgresql93":"9.3.11-14.2","postgresql93-contrib":"9.3.11-14.2","postgresql93-docs":"9.3.11-14.2","postgresql93-server":"9.3.11-14.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12","name":"postgresql93","purl":"pkg:rpm/suse/postgresql93&distro=SUSE%20Linux%20Enterprise%20Server%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.3.11-14.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"postgresql93":"9.3.11-14.2","postgresql93-contrib":"9.3.11-14.2","postgresql93-docs":"9.3.11-14.2","postgresql93-server":"9.3.11-14.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12","name":"postgresql93","purl":"pkg:rpm/suse/postgresql93&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.3.11-14.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for postgresql93 fixes the following issues: \n\n- Security and bugfix release 9.3.11:\n  * Fix infinite loops and buffer-overrun problems in regular\n    expressions (CVE-2016-0773, bsc#966436).\n  * Fix regular-expression compiler to handle loops of constraint\n    arcs (CVE-2007-4772).\n  * Prevent certain PL/Java parameters from being set by\n    non-superusers (CVE-2016-0766, bsc#966435).\n  * Fix many issues in pg_dump with specific object types\n  * Prevent over-eager pushdown of HAVING clauses for\n    GROUPING SETS\n  * Fix deparsing error with ON CONFLICT ... WHERE clauses\n  * Fix tableoid errors for postgres_fdw\n  * Prevent floating-point exceptions in pgbench\n  * Make \\det search Foreign Table names consistently\n  * Fix quoting of domain constraint names in pg_dump\n  * Prevent putting expanded objects into Const nodes\n  * Allow compile of PL/Java on Windows\n  * Fix 'unresolved symbol' errors in PL/Python execution\n  * Allow Python2 and Python3 to be used in the same database\n  * Add support for Python 3.5 in PL/Python\n  * Fix issue with subdirectory creation during initdb\n  * Make pg_ctl report status correctly on Windows\n  * Suppress confusing error when using pg_receivexlog with older\n    servers\n  * Multiple documentation corrections and additions\n  * Fix erroneous hash calculations in gin_extract_jsonb_path()\n- For the full release notse, see:\n  http://www.postgresql.org/docs/9.3/static/release-9-3-11.html\n","id":"SUSE-SU-2016:0539-1","modified":"2016-02-22T10:07:15Z","published":"2016-02-22T10:07:15Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20160539-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/966435"},{"type":"REPORT","url":"https://bugzilla.suse.com/966436"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2007-4772"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-0766"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-0773"}],"related":["CVE-2007-4772","CVE-2016-0766","CVE-2016-0773"],"summary":"Security update for postgresql93","upstream":["CVE-2007-4772","CVE-2016-0766","CVE-2016-0773"]}