Ubuntu 1002-2: PostgreSQL vulnerability
October 7, 2010
USN-1002-1 fixed vulnerabilities in PostgreSQL
Summary
Update Instructions
References
Severity
postgresql-8.4 vulnerability
Package Information
==========================================================Ubuntu Security Notice USN-1002-2 October 07, 2010
postgresql-8.4 vulnerability
CVE-2010-3433
==========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 10.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 10.10:
postgresql-plperl-8.4 8.4.5-0ubuntu10.10
postgresql-pltcl-8.4 8.4.5-0ubuntu10.10
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
Details follow:
USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the
corresponding update for Ubuntu 10.10.
Original advisory details:
It was discovered that PostgreSQL did not properly enforce permissions
within sessions when PL/Perl and PL/Tcl functions or operators were
redefined. A remote authenticated attacker could exploit this to execute
arbitrary code with permissions of a different user, possibly leading to
privilege escalation.
Updated packages for Ubuntu 10.10:
Source archives:
Size/MD5: 39535 23f8b3a352178737bb56ead8312c86ce
Size/MD5: 2618 ed2b36e5dae9278e12d57c3d5c12d41c
Size/MD5: 17590296 8ddea33493bf5cf6f5ea62212bb079df
Architecture independent packages:
Size/MD5: 18046 1c384292787a8d1a5dd42f17e2a7efc8
Size/MD5: 17944 bd565d773cf1f570cfe8f90bbebac5dc
Size/MD5: 2118952 1c0163b0b9458c91cee4f8f0f9a4cfe4
Size/MD5: 3450 26111ec43a687d13ce3fa44f9664fe6a
Size/MD5: 18084 848a9af8970f015693af8ae73fe0a2cb
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
Size/MD5: 11340 130564cc4628ceafc3921713ab2e4dcc
Size/MD5: 240990 e3f6824a873520f17e230a62ad05ac80
Size/MD5: 33164 308b7aaa612e6c680f5583590e62986e
Size/MD5: 49340 f24763b931ba512742dd6d03f86d62c5
Size/MD5: 201420 36249bf7794d77cfb7c05ff4901c0317
Size/MD5: 88556 20c083d536a138cc44bfa460b93d1eb3
Size/MD5: 4030288 6384be605d8d3597b9d34be34fafaa03
Size/MD5: 822908 055d780c681d443e7d31a0b36d7d5ed8
Size/MD5: 406728 3230bf51c73075032ac03f65770ad976
Size/MD5: 630842 fb7866cb18076664c304d81e0b8cb021
Size/MD5: 46686 f8834eb50b0298b2e09f44ce3dde5946
Size/MD5: 39898 53066a883e73930773d282bf302e9fdb
Size/MD5: 37482 73ed6ddaf822a4fb9a5d4ad990e9adbb
i386 architecture (x86 compatible Intel/AMD):
Size/MD5: 10310 7c4f24a65407a0b9ff04e7d8b47b994a
Size/MD5: 226046 419eb5e75f5d6c7864fd0c0bef7d1afd
Size/MD5: 32056 1319f823acea5395a7d85887486def9d
Size/MD5: 48064 2e7044fcb4a110609eb22abaed4e72c8
Size/MD5: 193026 80f3d8d52adb51ac873755fa28dd5bca
Size/MD5: 83006 2fe4cf19bf4fab85621b09f397bf99a1
Size/MD5: 3883064 f1e96cb6c5338ef0c0d3ed565d02fba4
Size/MD5: 776358 f2b56866bd98a688fa76504e4b36647b
Size/MD5: 363476 21f6d13a2d2b7f7b8a2d9a1e53130684
Size/MD5: 633542 351ba2390d1ba28b8ff623cdf3839fd9
Size/MD5: 45058 192433c49f49f994149c7b6e5624348b
Size/MD5: 37484 e0af027de047269a78024c65d45396ef
Size/MD5: 36514 ed256af80099b8bd118dab3299ce0549
powerpc architecture (Apple Macintosh G3/G4/G5):
Size/MD5: 10728 2038e12c84261eb4d5b4334e9b341163
Size/MD5: 241180 b55e26e2973cf5d7b359c382f3399dd7
Size/MD5: 34290 0572b2444e501ec930a167a86722450b
Size/MD5: 51950 5ac477b5e3b958cbcd7402e6a5bcd9a6
Size/MD5: 199520 413218cd3db4eac23f69b3aa1ffb2dc3
Size/MD5: 86118 99303c47040f76c0a759877668c3e41d
Size/MD5: 4332980 ff598d1c98e57ae87d0a825869ea84af
Size/MD5: 823870 c4dd1c0be504e1204d0bea21cd85d01b
Size/MD5: 390012 b678b43d6814d4aa625f6d9b6c232d30
Size/MD5: 632088 d518262b6c78c1de5be3a21629b28456
Size/MD5: 45952 583c39e67e37c14a937e2a08655a96ae
Size/MD5: 39004 b70e2b185875c7cdcb14e3a361589c0e
Size/MD5: 37188 66e750905a43b134ed13e79106412e52
