Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Red Hat 7.1: RHSA-2003:282-01 Critical: PostgreSQL Security Flaw

red hat
Calendar Grey October 9, 2003
Dist Redhat Esm H88
Updated PostgreSQL components issued by SUSE address a critical memory corruption issue that threatens the integrity of user credentials stored in the system.
Passwords for MySQL users are stored in the Password field of theuser table

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. RPMs required:

Red Hat Linux 7.1:

SRPMS:


i386:




Red Hat Linux 7.1 for iSeries (64 bit):

SRPMS:


ppc:




Red Hat Linux 7.1 for pSeries (64 bit):

SRPMS:


ppc:




Red Hat Linux 7.2:

SRPMS:


i386:




ia64:




Red Hat Linux 7.3:

SRPMS:


i386:




Red Hat Linux 8.0:

SRPMS:


i386:




Red Hat Linux 9:

SRPMS:


i386:






6. Verification:

MD5 sum Package Name 1af9dba0f82c30e3bd06a22ad3cce47f 7.1/en/os/SRPMS/mysql-3.23.58-2.71.src.rpm cb8182bcfe17aa1829e0e62032e79d8c 7.1/en/os/i386/mysql-3.23.58-2.71.i386.rpm 7ce3f107817c4c32163c7b2b085317bf 7.1/en/os/i386/mysql-devel-3.23.58-2.71.i386.rpm a63d0198da176c5e25738bebc7adf96b 7.1/en/os/i386/mysql-server-3.23.58-2.71.i386.rpm 1af9dba0f82c30e3bd06a22ad3cce47f 7.1/en/os/iSeries/SRPMS/mysql-3.23.58-2.71.src.rpm 892b2616bdc5efd5e37fd91e6d220fb8 7.1/en/os/iSeries/ppc/mysql-3.23.58-2.71.ppc.rpm bd60781e5bbf60f87d027f6d6460c39f 7.1/en/os/iSeries/ppc/mysql-devel-3.23.58-2.71.ppc.rpm 846b26298bdf3e437954eed63757bf6e 7.1/en/os/iSeries/ppc/mysql-server-3.23.58-2.71.ppc.rpm 1af9dba0f82c30e3bd06a22ad3cce47f 7.1/en/os/pSeries/SRPMS/mysql-3.23.58-2.71.src.rpm 892b2616bdc5efd5e37fd91e6d220fb8 7.1/en/os/pSeries/ppc/mysql-3.23.58-2.71.ppc.rpm bd60781e5bbf60f87d027f6d6460c39f 7.1/en/os/pSeries/ppc/mysql-devel-3.23.58-2.71.ppc.rpm 846b26298bdf3e437954eed63757bf6e 7.1/en/os/pSeries/ppc/mysql-server-3.23.58-2.71.ppc.rpm ca6ec39d94f16bf21ae966d674e8ad15 7.2/en/os/SRPMS/mysql-3.23.58-1.72.src.rpm fd4adfe080eee307a9a78daf49688dae 7.2/en/os/i386/mysql-3.23.58-1.72.i386.rpm a1bb526948f3fafbff27f65f2f2646f4 7.2/en/os/i386/mysql-devel-3.23.58-1.72.i386.rpm 0ef086ea42e5daf662b238c4cd3941b4 7.2/en/os/i386/mysql-server-3.23.58-1.72.i386.rpm 592cbe1df440454be5de2bde4da0aeeb 7.2/en/os/ia64/mysql-3.23.58-1.72.ia64.rpm fb82da0bd237e8e47757deea248966f6 7.2/en/os/ia64/mysql-devel-3.23.58-1.72.ia64.rpm 321d0908982321e779c93b8b933f4d89 7.2/en/os/ia64/mysql-server-3.23.58-1.72.ia64.rpm a9e7a07bb76dd1320e0c395ce48231b1 7.3/en/os/SRPMS/mysql-3.23.58-1.73.src.rpm 03bdb421e367c398282ea54b6cc33bfb 7.3/en/os/i386/mysql-3.23.58-1.73.i386.rpm ade8d6e100916f3bbfac27e88700179b 7.3/en/os/i386/mysql-devel-3.23.58-1.73.i386.rpm e197723474c4dccdcb689d6208edd766 7.3/en/os/i386/mysql-server-3.23.58-1.73.i386.rpm c5420710b963e4b402a5ce1b0af50f5a 8.0/en/os/SRPMS/mysql-3.23.58-1.80.src.rpm d72af1bf81fb3cdd5f1696196122dd59 8.0/en/os/i386/mysql-3.23.58-1.80.i386.rpm be0a150e64c0c68249b7dfb6f723d696 8.0/en/os/i386/mysql-devel-3.23.58-1.80.i386.rpm 7e9295efeca974cbadc61ee2a02f6d59 8.0/en/os/i386/mysql-server-3.23.58-1.80.i386.rpm f3320713e2a1bc787e249738bec90c4d 9/en/os/SRPMS/mysql-3.23.58-1.9.src.rpm aa674d9d284788f8c354f3f20b6aec57 9/en/os/i386/mysql-3.23.58-1.9.i386.rpm 8eac37417227bf2c0c7d13a2eafcb80f 9/en/os/i386/mysql-devel-3.23.58-1.9.i386.rpm 78b516147ff717a2db347260e85e6688 9/en/os/i386/mysql-server-3.23.58-1.9.i386.rpm


These packages are GPG signed by Red Hat for security. Our key is available from https://access.redhat.com/security/team/key

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum


Summary

Topics%20covered

Topics Covered

security advisory update buffer overflow red hat critical mysql

References

/doc/en/News-3.23.58.html /doc/en/News-3.23.57.html CVE -CVE-2003-0780

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2003:281-01
Issue date: 2003-10-09
Updated on: 2003-10-09
Product: Red Hat Linux
Keywords:
Cross references:
Obsoletes: RHSA-2003:093

Topic

Topics%20covered

Topics Covered

security advisory update buffer overflow red hat critical mysql

Relevant Releases Architectures

Red Hat Linux 7.1 - i386

Red Hat Linux 7.1 for iSeries (64 bit) - ppc

Red Hat Linux 7.1 for pSeries (64 bit) - ppc

Red Hat Linux 7.2 - i386, ia64

Red Hat Linux 7.3 - i386

Red Hat Linux 8.0 - i386

Red Hat Linux 9 - i386

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here