Debian: DSA-2120-1: New postgresql-8.3 packages fix privilege escalation
Summary
Tim Bunce discovered that PostgreSQL, a database server software, does
not properly separate interpreters for server-side stored procedures
which run in different security contexts. As a result, non-privileged
authenticated database users might gain additional privileges.
Note that this security update may impact intended communication through
global variables between stored procedures. It might be necessary to
convert these functions to run under the plperlu or pltclu languages,
with database superuser privileges.
This security update also includes unrelated bug fixes from PostgreSQL
8.3.12.
For the stable distribution (lenny), this problem has been fixed in
version 8.3_8.3.12-0lenny1.
For the unstable distribution (sid), this problem has been fixed in
version 8.4.5-1 of the postgresql-8.4 package.
We recommend that you upgrade your PostgreSQL packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Source archives:
Size/MD5 checksum: 2313 1663c4c9915f51a31ff6e6b7b3bda545
Size/MD5 checksum: 13955500 03b56e23c3bcdc36eee3156334b8b97b
Size/MD5 checksum: 52479 e39048a272b6085ad0dce1933a1b1f5b
Architecture independent packages:
Size/MD5 checksum: 273756 95f2dc5525e464769715c302d9141df4
Size/MD5 checksum: 273824 0c762a2fed4bf2b85120b4fc6a3c5d09
Size/MD5 checksum: 2213230 61228c350de23b18674fc3a2b0d11e44
Size/MD5 checksum: 273944 b89079dac539bbbaed5794bee7f4d3c3
Size/MD5 checksum: 273928 744cf8e343f7c1c658eb64f976797736
alpha architecture (DEC Alpha)
Size/MD5 checksum: 293706 41c14c7e0ea6dc1f6b4015fa0b3bdc9a
Size/MD5 checksum: 638416 e3c55350fc57d889281157d9047da119
Size/MD5 checksum: 498186 27c76b0e919d5d98d5573dd3cf8a29b4
Size/MD5 checksum: 1720192 853975a17102b21ae9bcfe8ada0e8f20
Size/MD5 checksum: 412750 6514158a601f1f553c2930a647f777a1
Size/MD5 checksum: 282464 ceca3e409d28a80f4fc409a01f605065
Size/MD5 checksum: 292584 0435ab52cdf05454cc911432c03276fa
Size/MD5 checksum: 850022 2ff3573cbdd9dd0d89666a619c7e43b9
Size/MD5 checksum: 302546 e1dfd28c264c5f99ce6e6e7b25500b61
Size/MD5 checksum: 496608 e75ba2ed5ddbc07fda238362eb338704
Size/MD5 checksum: 303562 63f271eb8cce73be1f042c6c31e2224f
Size/MD5 checksum: 5292026 c90ade8e22f2a466495af72b640582b0
Size/MD5 checksum: 303396 1048e079e19085fb49d8e8879b0c7682
amd64 architecture (AMD x86_64 (AMD64))
Size/MD5 checksum: 845666 571a85c907cd1049eb69c0a173ea229c
Size/MD5 checksum: 303486 1f72dfeb519ddbd0bbcda4adc7ac9fcd
Size/MD5 checksum: 480076 4fb675f2161719be5c34e6a3ae3f493a
Size/MD5 checksum: 5396674 fb795f5e2f82bd737dc5b683ae762f2c
Size/MD5 checksum: 295840 bb76af77727dba4e073015558c2d0d3f
Size/MD5 checksum: 281942 c26daa35278a30b9a24d2ec3eeb1b36e
Size/MD5 checksum: 638362 6640776b67da831335bff1c416c078f0
Size/MD5 checksum: 303242 0fa23a3b0d13ad45f44abbb8e12b8ae5
Size/MD5 checksum: 293468 21691ffbf4b375416cb6a373acca3c5d
Size/MD5 checksum: 493324 4edc87e5bf26ae5741deec0a4f98f4f5
Size/MD5 checksum: 1719356 c8d1430b1c726bfc14099a3385caa738
Size/MD5 checksum: 410660 16bdc75eb32b9ce92b073687fc3a0964
Size/MD5 checksum: 303432 f7ba00803839065631bfe1d1774dbfaa
arm architecture (ARM)
Size/MD5 checksum: 301112 a5df14f8691ad685492dafd63dc40a9a
Size/MD5 checksum: 596638 6a0ad22877f25451441d1a2ac6290d63
Size/MD5 checksum: 483586 a07be84ebcbda4a5b66f369db5627609
Size/MD5 checksum: 294428 e8588b0615f24a8e1f59639d79dcc58c
Size/MD5 checksum: 846312 15aad136f44666278e3abd53d81ca6cf
Size/MD5 checksum: 292710 14405d350edd9785f50995c42af99ef6
Size/MD5 checksum: 280242 3cc152007f25c3e5e67ae2d76ae88ec8
Size/MD5 checksum: 402520 eb0b6808eff4627537ee849f85aa2022
Size/MD5 checksum: 467094 6d650f632413b6355d8ba2f723bace7a
Size/MD5 checksum: 1675396 9e06b75311d15c3c5be9c70247209223
Size/MD5 checksum: 299930 e65d0b6236715895ddca25c25dd3b97b
Size/MD5 checksum: 5259654 be81383c46ca9ce3078f466437e1e9a3
Size/MD5 checksum: 300516 320cc1a688d67ab0253e72f82d6837ed
armel architecture (ARM EABI)
Size/MD5 checksum: 292748 ee53aaa6f7fa8b32093780bb4d33cde5
Size/MD5 checksum: 404396 2fe5eb94911d6a90b2a9aa08c38b5070
Size/MD5 checksum: 302472 f4b14a63544be2869b0bea6eef7dd01b
Size/MD5 checksum: 468264 ace0d30bb34ab6ed6e6230d88b20385e
Size/MD5 checksum: 5261738 338f5f6b2b138851a68a15e4a82d7d44
Size/MD5 checksum: 304418 195fed8762913959c76ea6fce419f8ba
Size/MD5 checksum: 843082 761ef8055bce9b3c4d5ab8bbb0fec39d
Size/MD5 checksum: 617904 8fc6039c1f55341393731d17fa3cbc9c
Size/MD5 checksum: 301354 32f116f03847bdeb445ef53a1a64392d
Size/MD5 checksum: 1680462 00eaa8242cc38c6858f02aa6010b0be5
Size/MD5 checksum: 487118 60c101e156db1215276acbe6b2e91662
Size/MD5 checksum: 280808 f034ebbc37a1141201b0642b1c5ce609
Size/MD5 checksum: 294648 7c5feb74879f345288d413dfc404e189
hppa architecture (HP PA RISC)
Size/MD5 checksum: 652494 bdd549260649ec5216b767e6670d453c
Size/MD5 checksum: 282482 ed9acc19f9bd4c2b9e0318e5301ec21b
Size/MD5 checksum: 1754106 db3846471aa183611a8e22b1df814f4f
Size/MD5 checksum: 850706 c0d159121b84584dc6ee9084feef81dc
Size/MD5 checksum: 499172 0f920d4319ad9fadfaa17b42eaebeef6
Size/MD5 checksum: 297456 8b13d9c765d306d3948537aca5d7f60c
Size/MD5 checksum: 295136 2332f6e0d585899ee20c9bf891fd2c85
Size/MD5 checksum: 415660 4a6f05536add8e230dff66d8e1477ca6
Size/MD5 checksum: 485490 70898c3aa18cd89b5850823fe88a823b
Size/MD5 checksum: 308126 67f3cfbc784cf391eca9363171af7a66
Size/MD5 checksum: 306406 ca1829e26effaa6db3a664a1bcf6ed31
Size/MD5 checksum: 5846118 309f6cf75f5191917618a1d6cc9c88a6
Size/MD5 checksum: 305492 d557255266eddd72e0e0f3e0cf3f0350
i386 architecture (Intel ia32)
Size/MD5 checksum: 846276 8904e921f569d49c48898455616a225b
Size/MD5 checksum: 302160 fce517b813ec95bdb4dc91e4afac6afb
Size/MD5 checksum: 301522 c692bc93def91950e4c0d1fc85284b19
Size/MD5 checksum: 601598 3102a66a1ef9f734d9567695c1395ea5
Size/MD5 checksum: 484238 3db017b7a0fb7f8b654026bfb9cac2b3
Size/MD5 checksum: 302654 0142e27f71eb4da69f30f21dbc3de996
Size/MD5 checksum: 293110 c1dfb0b0fb38eb5072cae1c0394d65ab
Size/MD5 checksum: 403946 36fce4dedbb3f6bf4ab3e794e1b2dff7
Size/MD5 checksum: 292790 bfc13b64b9a25c8d2546c2a6e2967fa2
Size/MD5 checksum: 1688248 22fa912a6476c73143d0b3211fb50d69
Size/MD5 checksum: 281106 63baba2ede2a73df82db984ea552eaba
Size/MD5 checksum: 471074 b016f3701bf1399bde859ad7ec66797e
Size/MD5 checksum: 5271840 8050cbafd4da41bdd9850fad342f97cb
ia64 architecture (Intel ia64)
Size/MD5 checksum: 319174 bd93cfb6285d8caf545ac9014a973f47
Size/MD5 checksum: 6297724 974938f16dac005b5a0ee07ff1ea2921
Size/MD5 checksum: 519614 c2517331838f591f6fdd436a3b45732a
Size/MD5 checksum: 284402 5380c1aab98a54095130b4781f3a5bd6
Size/MD5 checksum: 299858 93ccd26207962d4fb7d9a9a551d12dae
Size/MD5 checksum: 435312 78bb55475e05c7e74db059efbbc4fbfd
Size/MD5 checksum: 308564 5a680205b9fc3ef3b94cbfb8a3b6778b
Size/MD5 checksum: 545066 f31ea097ca6fb7fe777b1ea587286146
Size/MD5 checksum: 317924 aa46b5e43a77e999344e1720a7f1cc23
Size/MD5 checksum: 754168 015d6208e1ad03c5806ee9a58a930fb3
Size/MD5 checksum: 1900298 c1be7fc4b7fc67547603a483af7f01eb
Size/MD5 checksum: 314322 1016a0a61fa12791f13318561e9b97f2
Size/MD5 checksum: 855894 08340a83f05b433bca4443dd0be900c0
mips architecture (MIPS (Big Endian))
Size/MD5 checksum: 280824 9d737d0dc0acf9055ecc657118aa9c7e
Size/MD5 checksum: 292294 08d42e146a89f7132c82f2ae67cf1698
Size/MD5 checksum: 483634 08cd152ce9fd63e3eeece599df1449b7
Size/MD5 checksum: 604048 3548964a83f2f69174f3693541c46527
Size/MD5 checksum: 304730 d88a4b1eaca75777f183d1b3805e5fd1
Size/MD5 checksum: 293740 de528828c800bfa0bed5836d21704eb6
Size/MD5 checksum: 5609952 98207f66229a7cba96dbff6edfdcdb4a
Size/MD5 checksum: 481756 8ea690b4c4daa0460c2e3412272bd104
Size/MD5 checksum: 1691686 f134df5ae470e2bb8b2dd6ca8e3d8779
Size/MD5 checksum: 297262 4bd8ae165343e6489a1f5b9a6a5cd4da
Size/MD5 checksum: 301784 b0d15ff913d66b760fa9000a83d3ab27
Size/MD5 checksum: 402942 ff630be7e9e6229695994df4e25e11ee
Size/MD5 checksum: 848336 1b932203bd8e8baf5a4307a5b7778e2f
mipsel architecture (MIPS (Little Endian))
Size/MD5 checksum: 1696030 3b0829b86399ce53dbe1188e70c1a78c
Size/MD5 checksum: 301480 472e2c684007f77c9ecfe9fa42bd7686
Size/MD5 checksum: 404854 a35bd48eea687ea6c9a3331bf55adaf1
Size/MD5 checksum: 5252282 110beaf8d7f557dd3ef97b804136c15c
Size/MD5 checksum: 482706 af03252ce37654b85caaf41ebfca1196
Size/MD5 checksum: 293424 2374fc8f0514c65204d2ee0a5c3465e9
Size/MD5 checksum: 598974 a5d5e7189d6db741c7c28fe6bfac05db
Size/MD5 checksum: 848560 107e8cdbdcfe6622efd3b7ec4471716a
Size/MD5 checksum: 304488 0978c16fe8881b831f5f785d2f0444b6
Size/MD5 checksum: 292364 b3fdce319c64a2b1bcecb425af52ffbf
Size/MD5 checksum: 280606 a4157b04e7d3976b9a7d8a92e1d3c97f
Size/MD5 checksum: 296948 cd95f5279997623df7403ae1b58dbe65
Size/MD5 checksum: 480668 fc5e08f5421bc87007892520cf4d114b
powerpc architecture (PowerPC)
Size/MD5 checksum: 687120 b5ba0ecb169616cbc705e4fe1dbc1187
Size/MD5 checksum: 304296 e74dd35d64343055f062086b09458010
Size/MD5 checksum: 843038 18630957eeed0e693346d3695aee7a94
Size/MD5 checksum: 5739044 b4c701814ffaa5738894c882fcf7b74e
Size/MD5 checksum: 304202 e07ea8c0c416911cebe11c347827b396
Size/MD5 checksum: 305960 ef4634ffa4c421b1ce6c9fdc58bbae3d
Size/MD5 checksum: 1752696 18078a6649670a81cbad13a6044d7ff0
Size/MD5 checksum: 407580 cbf28cbd152557d69861e2cb830e7e35
Size/MD5 checksum: 281662 6909aed0f1c3d789e2ab67ca5373379b
Size/MD5 checksum: 487876 828a499f5cd567d4cf88e2775f1d0aaf
Size/MD5 checksum: 295514 b45b1f88d3e4cc6f7d00d0e0bbac8705
Size/MD5 checksum: 478762 bae27b622ad03ea1a382f03eac528dbb
Size/MD5 checksum: 297176 f65f4b053bc0892e6a2ba0ca914d880f
s390 architecture (IBM S/390)
Size/MD5 checksum: 1730350 f41be22f8262af1f4540ca4bc1680677
Size/MD5 checksum: 300668 d1a5bc25e9d7819ad1049ea95f6d80ce
Size/MD5 checksum: 5796748 9e2883b18efac7b7d4b875e5697d37de
Size/MD5 checksum: 481518 63f8d61e524d4b8b94af08e036a12e81
Size/MD5 checksum: 295090 e44711502d6d684e63e55702c3d1d438
Size/MD5 checksum: 292752 e653df75aebf4c4f548cd1cc6dd160c1
Size/MD5 checksum: 282056 2d3e049ffe56d4280534d4999c76a514
Size/MD5 checksum: 414580 9755bc36a4267a6988fe2a2659fa26e9
Size/MD5 checksum: 497266 b284f4f919ea45236ec8dd90f3f7a8d2
Size/MD5 checksum: 304866 bae622095d30e03e51c547f1ec1c04f8
Size/MD5 checksum: 849306 cee8eba1376290a93293923eff962121
Size/MD5 checksum: 646130 5f66bac15cd9537700ce003406803f66
Size/MD5 checksum: 305020 47a362712b7ce51493d0a510747c38ea
sparc architecture (Sun SPARC/UltraSPARC)
Size/MD5 checksum: 292390 94c2fe6bae397b7910a1c10200beca96
Size/MD5 checksum: 473472 7ac8248b22829c242878814537e7c712
Size/MD5 checksum: 292982 c2ef03503fcc65c3ee403bd8dc51715a
Size/MD5 checksum: 1681186 7acead68688cc16aea9dadb1e780a573
Size/MD5 checksum: 467672 effc94bc0e2018019db0178bb7082c45
Size/MD5 checksum: 300226 78d2bff499903a85ac5fc8ba511e3c4c
Size/MD5 checksum: 596644 15110cbb7fe05a914a0bc0b3d10bd9ba
Size/MD5 checksum: 299990 2e85957a1d5fc8a64b3e4fcbf6e7419f
Size/MD5 checksum: 5477262 4936b523621fb3649ae954d6e976c4b5
Size/MD5 checksum: 299960 f57156b77889e5609b21e976f5e5dfca
Size/MD5 checksum: 280610 848619c9979ce9cf01617fb121806c68
Size/MD5 checksum: 847044 d8a3d848480065d37ffb8b74b0e6aa07
Size/MD5 checksum: 405166 67621bc140b8ec8ed100586bbb9433a0
These files will probably be moved into the stable distribution on
its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show
