Adsons

    SciLinux: Moderate: postgresql security update

    Date08 May 2007
    787
    Posted ByLinuxSecurity Advisories
    Updated postgresql packages that fix several security issues are now available. A flaw was found in the way PostgreSQL allows authenticated users to [More...]
    Date:         Tue, 8 May 2007 17:54:50 -0500
    Reply-To:     Connie Sieh 
    Sender:       Security Errata for Scientific Linux
                  
    From:         Connie Sieh 
    Subject:      Security errata for postgresql on SL4 i386,x86_64, SL5 i386
    Comments: To: scientific 
    MIME-version: 1.0
    Content-type: TEXT/PLAIN; format=flowed; charset=US-ASCII
    
    Available from
    
    ftp://ftp.scientificlinux.org/linux/scientific/4x/i386/errata/SL/RPMS/
    ftp://ftp.scientificlinux.org/linux/scientific/4x/x86_64/errata/SL/RPMS/
    ftp://ftp.scientificlinux.org/linux/scientific/5x/i386/updates/security/
    
    ---------------------------------------------------------------------------
    Synopsis:          Moderate: postgresql security update
    Issue date:        2007-05-08
    CVE Names:         CVE-2007-2138
    
    Updated postgresql packages that fix several security issues are now
    available.
    
    A flaw was found in the way PostgreSQL allows authenticated users to
    execute security-definer functions.  It was possible for an unprivileged
    user to execute arbitrary code with the privileges of the security-definer
    function. (CVE-2007-2138)
    
    SL4:
    
       SRPMS:
     	postgresql-7.4.17-1.RHEL4.1.src.rpm
    
       i386:
     	postgresql-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-contrib-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-devel-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-docs-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-jdbc-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-pl-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-python-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-server-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-tcl-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-test-7.4.17-1.RHEL4.1.i386.rpm
    
        x86_64:
     	postgresql-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-contrib-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-devel-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-docs-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-jdbc-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm
     	postgresql-libs-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-pl-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-python-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-server-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-tcl-7.4.17-1.RHEL4.1.x86_64.rpm
     	postgresql-test-7.4.17-1.RHEL4.1.x86_64.rpm
    
    SL5:
    
       SRPMS:
     	postgresql-8.1.9-1.el5.src.rpm
    
       i386:
     	postgresql-8.1.9-1.el5.i386.rpm
     	postgresql-contrib-8.1.9-1.el5.i386.rpm
     	postgresql-devel-8.1.9-1.el5.i386.rpm
     	postgresql-docs-8.1.9-1.el5.i386.rpm
     	postgresql-libs-8.1.9-1.el5.i386.rpm
     	postgresql-pl-8.1.9-1.el5.i386.rpm
     	postgresql-python-8.1.9-1.el5.i386.rpm
     	postgresql-server-8.1.9-1.el5.i386.rpm
     	postgresql-tcl-8.1.9-1.el5.i386.rpm
     	postgresql-test-8.1.9-1.el5.i386.rpm
    
    -Connie Sieh
    -Troy Dawson
    

    Comments powered by CComment

    Sidebar Ad

    LinuxSecurity Poll

    Does your company/organization utilize open-source software?

    Message!

    Poll results are hidden from public viewing.

    You are not authorized to vote on this poll.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    5
    radio
    bottom200

    Advisories