openSUSE Security Update : postgresql (postgresql-1773)
Medium Nessus Plugin ID 44051
SynopsisThe remote openSUSE host is missing a security update.
DescriptionAn unprivileged, authenticated PostgreSQL user could create a table which references functions with malicious content. Maintenance operations carried out be the database superuser could execute such functions (CVE-2009-4136).
Embedded null bytes in the common name of SSL certificates could bypass certificate hostname checks (CVE-2009-4034).
postgresql was updated to the next upstream patchlevel update which also includes several bugfixes. See the package changelog for details.
SolutionUpdate the affected postgresql packages.