Ubuntu 6.10 USN-369-2 Moderate: PostgreSQL-8.1 Server Crash
Nov 01, 2006
•
LinuxSecurity Advisories
2 - 3 min read
Topics Covered
USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu 6.06 LTS. This update provides the corresponding update for Ubuntu 6.10.
===========================================================
Ubuntu Security Notice USN-369-2 November 01, 2006
postgresql-8.1 vulnerabilities
CVE-2006-5540, CVE-2006-5541, CVE-2006-5542
==========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.10:
postgresql-8.1 8.1.4-7ubuntu0.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu 6.06 LTS.
This update provides the corresponding update for Ubuntu 6.10.
Original advisory details:
Michael Fuhr discovered an incorrect type check when handling unknown
literals. By attempting to coerce such a literal to the ANYARRAY type,
a local authenticated attacker could cause a server crash. (CVE-2006-5541)
Josh Drake and Alvaro Herrera reported a crash when using aggregate
functions in UPDATE statements. A local authenticated attacker could
exploit this to crash the server backend. This update disables this
construct, since it is not very well defined and forbidden by the SQL
standard. (CVE-2006-5540)
Sergey Koposov discovered a flaw in the duration logging. This could
cause a server crash under certain circumstances. (CVE-2006-5542)
Please note that these flaws can usually not be exploited through web
and other applications that use a database and are exposed to
untrusted input, so these flaws do not pose a threat in usual setups.
Updated packages for Ubuntu 6.10:
Source archives:
Size/MD5: 52401 af21a893e2947a1e467d5e98663031e7
Size/MD5: 1176 04b8d59e5fdb061ebc2a0b1e86c4220d
Size/MD5: 11312643 c6554a0ef948ab2b18b617954e1788fe
Architecture independent packages:
Size/MD5: 1442056 4263930dd4391fd81944a82c372f3cba
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
Size/MD5: 152924 5fb69c85456514e2f78072efc3956ec0
Size/MD5: 344912 a34d581ae43ce95f0758f3128d2c07e5
Size/MD5: 173428 733938955a0112fb6fedc835f5456052
Size/MD5: 175450 5412a17f17d49c3090cb7fcbcc136e7b
Size/MD5: 312606 3b5e8a5d6cffa8b48f82575458503d22
Size/MD5: 206680 559c766535f53918647783563d797582
Size/MD5: 3256168 a0bbda514074cd42271529eb07e94ecd
Size/MD5: 769328 3323f21f5fd11c660e74e0b2a3d480f6
Size/MD5: 619156 08c3d6be3fa11d19eccdbb9986e659d4
Size/MD5: 169362 d5cec1f551207e2e734bf6fab2317ef9
Size/MD5: 163748 b99d7a9fafcfd3e8b616ef1f483c4da9
Size/MD5: 164056 17bb99f0f7ab3edf2391271d64e0feda
Size/MD5: 596412 1d3f23de9e73e3f3c97b2532d7b4c5c8
i386 architecture (x86 compatible Intel/AMD)
Size/MD5: 152234 5ec67e24a0c39547dd1a4594f43c9ba2
Size/MD5: 342026 a3628ec749e0d789575496d8ef383a31
Size/MD5: 172122 21c2f681f5c623d65d8a8a83ca5ee4fe
Size/MD5: 175124 547e40b4cdb2fb8f6c01a443b21a9edb
Size/MD5: 305840 49c8db9e9ee18d99ce45c1b4cc64c3b6
Size/MD5: 202648 e02cd0e97ea04f3ed9808562cdd61b16
Size/MD5: 3155738 8b8a255cfc36bb6207d4972d30114c4f
Size/MD5: 739926 42db79545ef912384d45a9e321aa7889
Size/MD5: 587552 7b3612cd963fd40b7626f19940f5cc85
Size/MD5: 168202 da95c00f91be43d6c4651144fd5d78ce
Size/MD5: 161630 f781234805909d6efabcd1e0ec42bfc5
Size/MD5: 163002 76e987350cb8feb799663e0b72c77a4f
Size/MD5: 596394 460bfba660947b82c1616353d5171e96
powerpc architecture (Apple Macintosh G3/G4/G5)
Size/MD5: 153756 f269e9370aa649d122994aa7907104b5
Size/MD5: 339348 af5a24b146f61084c6b94b796d3a653a
Size/MD5: 174288 5142ebdd438cf151e0f405ff4855f2dc
Size/MD5: 178260 0d0a813c48e899bb9cff5a41a8398fbd
Size/MD5: 308032 c11439a9a23ead70ddb60fd1b2264003
Size/MD5: 204732 019d45db40122878bd2f64e25b58702f
Size/MD5: 3555700 d07b565f5be335ff6761da96b7d88f26
Size/MD5: 779658 251e7a8eed17c33eb868dcf0018970d7
Size/MD5: 639686 bea4a0e9f449f75f56554c79f252e9fd
Size/MD5: 169106 16226facd3e893b889cb72eb9e8df42c
Size/MD5: 163948 d9996a974e94652834ca4c1d1df5013d
Size/MD5: 165024 2df3b4f4878f006eec5ce7305672d752
Size/MD5: 596432 d35808efc5c022dab90461e0dccfccca
sparc architecture (Sun SPARC/UltraSPARC)
Size/MD5: 151610 d7e6bb8c226664538a41c05bd8efcc80
Size/MD5: 335088 b0309c99b0f904414afaf29e27ef4aa0
Size/MD5: 171724 474c5c7903229f404bc042d00910fe34
Size/MD5: 173454 dcd4fc4f2550bf80130fb7e1b02da2b4
Size/MD5: 305174 268c509165f58d3ef83491e49cfbdda2
Size/MD5: 201412 d5e3d6dcca7b83ba18a90da314443c26
Size/MD5: 3482382 515aaee1feeda7549efb2543cf30b167
Size/MD5: 754506 cc62cd3ba7ecb37f88a0a13abb0c7a49
Size/MD5: 598348 fb2b4f26146e27d75c2ed580f2b59be0
Size/MD5: 167762 69bfb050570fc151fb2d251855ded8f4
Size/MD5: 162366 4a38b861e8eb528bc4e96e1f64b27a04
Size/MD5: 163042 68c9e99678283f3b2cf0f73db8b845e2
Size/MD5: 596424 5a9b3e7626e3664578060f8292199f62
PREVIOUS
NEXT
Ubuntu 6.10 USN-369-2 Moderate: PostgreSQL-8.1 Server Crash
ubuntu
November 1, 2006
USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu 6.06 LTS
Summary
Topics Covered
Update Instructions
References
Severity
important
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-369-2 November 01, 2006
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!