SciLinux: CVE-2007-2138 postgresql SL4 i386,x86_64, SL5 i386

Date:         Tue, 8 May 2007 17:54:50 -0500
Reply-To:     Connie Sieh 
Sender:       Security Errata for Scientific Linux
              
From:         Connie Sieh 
Subject:      Security errata for postgresql on SL4 i386,x86_64, SL5 i386
Comments: To: scientific 

Available from


---------------------------------------------------------------------------
Synopsis:          Moderate: postgresql security update
Issue date:        2007-05-08
CVE Names:         CVE-2007-2138

Updated postgresql packages that fix several security issues are now
available.

A flaw was found in the way PostgreSQL allows authenticated users to
execute security-definer functions.  It was possible for an unprivileged
user to execute arbitrary code with the privileges of the security-definer
function. (CVE-2007-2138)

SL4:

   SRPMS:
 	postgresql-7.4.17-1.RHEL4.1.src.rpm

   i386:
 	postgresql-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-contrib-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-devel-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-docs-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-jdbc-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-pl-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-python-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-server-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-tcl-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-test-7.4.17-1.RHEL4.1.i386.rpm

    x86_64:
 	postgresql-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-contrib-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-devel-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-docs-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-jdbc-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm
 	postgresql-libs-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-pl-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-python-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-server-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-tcl-7.4.17-1.RHEL4.1.x86_64.rpm
 	postgresql-test-7.4.17-1.RHEL4.1.x86_64.rpm

SL5:

   SRPMS:
 	postgresql-8.1.9-1.el5.src.rpm

   i386:
 	postgresql-8.1.9-1.el5.i386.rpm
 	postgresql-contrib-8.1.9-1.el5.i386.rpm
 	postgresql-devel-8.1.9-1.el5.i386.rpm
 	postgresql-docs-8.1.9-1.el5.i386.rpm
 	postgresql-libs-8.1.9-1.el5.i386.rpm
 	postgresql-pl-8.1.9-1.el5.i386.rpm
 	postgresql-python-8.1.9-1.el5.i386.rpm
 	postgresql-server-8.1.9-1.el5.i386.rpm
 	postgresql-tcl-8.1.9-1.el5.i386.rpm
 	postgresql-test-8.1.9-1.el5.i386.rpm

-Connie Sieh
-Troy Dawson

Date: Tue, 8 May 2007 17:54:50 -0500Reply-To: Connie Sieh Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: Security errata for postgresql on SL4 i386,x86_64, SL5 i386Comments: To: scientific Available from---------------------------------------------------------------------------Synopsis: Moderate: postgresql security updateIssue date: 2007-05-08CVE Names: CVE-2007-2138Updated postgresql packages that fix several security issues are nowavailable.A flaw was found in the way PostgreSQL allows authenticated users toexecute security-definer functions. It was possible for an unprivilegeduser to execute arbitrary code with the privileges of the security-definerfunction. (CVE-2007-2138)SL4: SRPMS: postgresql-7.4.17-1.RHEL4.1.src.rpm i386: postgresql-7.4.17-1.RHEL4.1.i386.rpm postgresql-contrib-7.4.17-1.RHEL4.1.i386.rpm postgresql-devel-7.4.17-1.RHEL4.1.i386.rpm postgresql-docs-7.4.17-1.RHEL4.1.i386.rpm postgresql-jdbc-7.4.17-1.RHEL4.1.i386.rpm postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm postgresql-pl-7.4.17-1.RHEL4.1.i386.rpm postgresql-python-7.4.17-1.RHEL4.1.i386.rpm postgresql-server-7.4.17-1.RHEL4.1.i386.rpm postgresql-tcl-7.4.17-1.RHEL4.1.i386.rpm postgresql-test-7.4.17-1.RHEL4.1.i386.rpm x86_64: postgresql-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-contrib-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-devel-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-docs-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-jdbc-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm postgresql-libs-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-pl-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-python-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-server-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-tcl-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-test-7.4.17-1.RHEL4.1.x86_64.rpmSL5: SRPMS: postgresql-8.1.9-1.el5.src.rpm i386: postgresql-8.1.9-1.el5.i386.rpm postgresql-contrib-8.1.9-1.el5.i386.rpm postgresql-devel-8.1.9-1.el5.i386.rpm postgresql-docs-8.1.9-1.el5.i386.rpm postgresql-libs-8.1.9-1.el5.i386.rpm postgresql-pl-8.1.9-1.el5.i386.rpm postgresql-python-8.1.9-1.el5.i386.rpm postgresql-server-8.1.9-1.el5.i386.rpm postgresql-tcl-8.1.9-1.el5.i386.rpm postgresql-test-8.1.9-1.el5.i386.rpm-Connie Sieh-Troy Dawson

SciLinux: CVE-2007-2138 postgresql SL4 i386,x86_64, SL5 i386

Summary

Security Fixes

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By