[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1HFJvx-0000hL-Bi@artemis.annvix.ca>
Date: Thu, 08 Feb 2007 17:48:13 -0700
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDKSA-2007:037-1 ] - Updated postgresql
packages address multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2007:037-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : postgresql
Date : February 8, 2007
Affected: 2007.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Jeff Trout discovered that the PostgreSQL server did not sufficiently
check data types of SQL function arguments in some cases. A user could
then exploit this to crash the database server or read out arbitrary
locations of the server's memory, which could be used to retrieve
database contents that the user should not be able to see. Note that a
user must be authenticated in order to exploit this (CVE-2007-0555).
As well, Jeff Trout also discovered that the query planner did not
verify that a table was still compatible with a previously-generated
query plan, which could be exploted to read out arbitrary locations of
the server's memory by using ALTER COLUMN TYPE during query execution.
Again, a user must be authenticated in order to exploit this
(CVE-2007-0556).
Update:
The previous update updated PostgreSQL to upstream versions, including
8.1.7 which contained a bug with typemod data types used with check
constraints and expression indexes. This regression has been corrected
in the new 8.1.8 version that is being provided.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.0:
c90747c3f8b528b85b16642928752c59 2007.0/i586/libecpg5-8.1.8-1.1mdv2007.0.i586.rpm
02a28236dbd9aa5d1060fddeb3c6f656 2007.0/i586/libecpg5-devel-8.1.8-1.1mdv2007.0.i586.rpm
9113ea83c03b369d32c57e0b68325278 2007.0/i586/libpq4-8.1.8-1.1mdv2007.0.i586.rpm
dff91d9381a47da6a3bfe5d6c3fe2519 2007.0/i586/libpq4-devel-8.1.8-1.1mdv2007.0.i586.rpm
51969dfad9ba7a74e22882e1db7f559b 2007.0/i586/postgresql-8.1.8-1.1mdv2007.0.i586.rpm
affaf35323d0583d759dbdc832792cc5 2007.0/i586/postgresql-contrib-8.1.8-1.1mdv2007.0.i586.rpm
c25d7922f0984ea6947399dca9ec71c9 2007.0/i586/postgresql-devel-8.1.8-1.1mdv2007.0.i586.rpm
de46e08411f5eb3d2349d9032b7a3b55 2007.0/i586/postgresql-docs-8.1.8-1.1mdv2007.0.i586.rpm
64732375d78f10a418aaf84a843072a6 2007.0/i586/postgresql-pl-8.1.8-1.1mdv2007.0.i586.rpm
443d82af4b6dec2df4955675913c1c57 2007.0/i586/postgresql-plperl-8.1.8-1.1mdv2007.0.i586.rpm
4a38fd10cbc9ebb175710accdb265606 2007.0/i586/postgresql-plpgsql-8.1.8-1.1mdv2007.0.i586.rpm
6f95a8cdae62756195214f593e47c16b 2007.0/i586/postgresql-plpython-8.1.8-1.1mdv2007.0.i586.rpm
e19c9b2ecc7137ef425013f06a408647 2007.0/i586/postgresql-pltcl-8.1.8-1.1mdv2007.0.i586.rpm
c25c09078350d7e44e04eca1bbf48247 2007.0/i586/postgresql-server-8.1.8-1.1mdv2007.0.i586.rpm
5be6ca33b73216b8d84cfe3695c9f45e 2007.0/i586/postgresql-test-8.1.8-1.1mdv2007.0.i586.rpm
c2d53fbc9eace270498003c9bc6db702 2007.0/SRPMS/postgresql-8.1.8-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
9fa0cf41fc100317651fd335e42e89d8 2007.0/x86_64/lib64ecpg5-8.1.8-1.1mdv2007.0.x86_64.rpm
ac631e1f5b06d734a14036e53e6c9799 2007.0/x86_64/lib64ecpg5-devel-8.1.8-1.1mdv2007.0.x86_64.rpm
cc6a13d12741ee555d2e57795421db2c 2007.0/x86_64/lib64pq4-8.1.8-1.1mdv2007.0.x86_64.rpm
96bdec5afaa2e0ecc39ce1234de157fd 2007.0/x86_64/lib64pq4-devel-8.1.8-1.1mdv2007.0.x86_64.rpm
fe56c10801c62d066ffef1dfb3759478 2007.0/x86_64/postgresql-8.1.8-1.1mdv2007.0.x86_64.rpm
bddf713d296a712ef564ef2386da28e7 2007.0/x86_64/postgresql-contrib-8.1.8-1.1mdv2007.0.x86_64.rpm
8fae942233a8dd1d09d5decb79f0d42d 2007.0/x86_64/postgresql-devel-8.1.8-1.1mdv2007.0.x86_64.rpm
66f8de3e958cbdd3c4a54ab33b3cd65b 2007.0/x86_64/postgresql-docs-8.1.8-1.1mdv2007.0.x86_64.rpm
e10f521991c2a344b83dc41404a7bdc8 2007.0/x86_64/postgresql-pl-8.1.8-1.1mdv2007.0.x86_64.rpm
0ee1f3f8b2a5ad525059a84411fa77cd 2007.0/x86_64/postgresql-plperl-8.1.8-1.1mdv2007.0.x86_64.rpm
3bfd69ae9819b20d6e3b2d0f2f2914ee 2007.0/x86_64/postgresql-plpgsql-8.1.8-1.1mdv2007.0.x86_64.rpm
d43c59da2cc8b94d29cba08dbb8dc5d7 2007.0/x86_64/postgresql-plpython-8.1.8-1.1mdv2007.0.x86_64.rpm
cb4ca5a0639f6156c93d2847aee768e8 2007.0/x86_64/postgresql-pltcl-8.1.8-1.1mdv2007.0.x86_64.rpm
4daa3593803d7e0b16f610ff0ba3140c 2007.0/x86_64/postgresql-server-8.1.8-1.1mdv2007.0.x86_64.rpm
3fe5c0e800801ac0aad676c6d9c49cd7 2007.0/x86_64/postgresql-test-8.1.8-1.1mdv2007.0.x86_64.rpm
c2d53fbc9eace270498003c9bc6db702 2007.0/SRPMS/postgresql-8.1.8-1.1mdv2007.0.src.rpm
Corporate 4.0:
3646b7d3426103702434428a67144dea corporate/4.0/i586/libecpg5-8.1.8-0.1.20060mlcs4.i586.rpm
1c5bd6440fe39f52fb085295807d99b8 corporate/4.0/i586/libecpg5-devel-8.1.8-0.1.20060mlcs4.i586.rpm
85ca75e8c44c87f9721f91da8fcff8c2 corporate/4.0/i586/libpq4-8.1.8-0.1.20060mlcs4.i586.rpm
edcd0beb041c7453734c5c16a789a157 corporate/4.0/i586/libpq4-devel-8.1.8-0.1.20060mlcs4.i586.rpm
9a7878356b498bed4489d75770c1d276 corporate/4.0/i586/postgresql-8.1.8-0.1.20060mlcs4.i586.rpm
8656f3a7c9c2bb9dfff47d84cd7bca71 corporate/4.0/i586/postgresql-contrib-8.1.8-0.1.20060mlcs4.i586.rpm
a1f44fd61edfb309c2f0477d18b4f25e corporate/4.0/i586/postgresql-devel-8.1.8-0.1.20060mlcs4.i586.rpm
3d4f14265c27d64d01cea5b1d87c2ca3 corporate/4.0/i586/postgresql-docs-8.1.8-0.1.20060mlcs4.i586.rpm
0870c7e4c4f1c9948d4fa89a9755d344 corporate/4.0/i586/postgresql-pl-8.1.8-0.1.20060mlcs4.i586.rpm
f430b170ee5798155c8e30c1da041d72 corporate/4.0/i586/postgresql-plperl-8.1.8-0.1.20060mlcs4.i586.rpm
b5875fd10fe7e2296431762e95e1433e corporate/4.0/i586/postgresql-plpgsql-8.1.8-0.1.20060mlcs4.i586.rpm
b163388a7e53e73dc11164cb2ffb6069 corporate/4.0/i586/postgresql-plpython-8.1.8-0.1.20060mlcs4.i586.rpm
8d34cb89cd0fb36c1d1f59fc94c296f5 corporate/4.0/i586/postgresql-pltcl-8.1.8-0.1.20060mlcs4.i586.rpm
13c6da736f8d3cd712629435b2f97acd corporate/4.0/i586/postgresql-server-8.1.8-0.1.20060mlcs4.i586.rpm
fb84b767af0906777a463cc52c96ae82 corporate/4.0/i586/postgresql-test-8.1.8-0.1.20060mlcs4.i586.rpm
ecec0536648eedafd8d14c05f530a713 corporate/4.0/SRPMS/postgresql-8.1.8-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
de38a16b9ea4740ce062537e407f8dba corporate/4.0/x86_64/lib64ecpg5-8.1.8-0.1.20060mlcs4.x86_64.rpm
11bc707a0e4632ef7c2b4b0178ee41a3 corporate/4.0/x86_64/lib64ecpg5-devel-8.1.8-0.1.20060mlcs4.x86_64.rpm
be32ff79999384264518fc36cddf6557 corporate/4.0/x86_64/lib64pq4-8.1.8-0.1.20060mlcs4.x86_64.rpm
2a29c2a494239f4e868a26eb21d10fc1 corporate/4.0/x86_64/lib64pq4-devel-8.1.8-0.1.20060mlcs4.x86_64.rpm
94e0e3b49c4dd3fe7c5ff53a16684ac6 corporate/4.0/x86_64/postgresql-8.1.8-0.1.20060mlcs4.x86_64.rpm
6b98440fa37a0c36583338f21dab0ba5 corporate/4.0/x86_64/postgresql-contrib-8.1.8-0.1.20060mlcs4.x86_64.rpm
437e389ba99fba84f0b0dd4498a2b065 corporate/4.0/x86_64/postgresql-devel-8.1.8-0.1.20060mlcs4.x86_64.rpm
af7ff5bf6e597521678bdac8434db561 corporate/4.0/x86_64/postgresql-docs-8.1.8-0.1.20060mlcs4.x86_64.rpm
a1df29f5b0aa54c60febfe6088c5a978 corporate/4.0/x86_64/postgresql-pl-8.1.8-0.1.20060mlcs4.x86_64.rpm
dde134fa8ca3771556d30fa08de48065 corporate/4.0/x86_64/postgresql-plperl-8.1.8-0.1.20060mlcs4.x86_64.rpm
1f3373ac4d916f8877c9e6bf7c534320 corporate/4.0/x86_64/postgresql-plpgsql-8.1.8-0.1.20060mlcs4.x86_64.rpm
9808c3922aa7a331a004ba6bf73b5f75 corporate/4.0/x86_64/postgresql-plpython-8.1.8-0.1.20060mlcs4.x86_64.rpm
bdc3c99b92b9273c5498e884b0a8cb89 corporate/4.0/x86_64/postgresql-pltcl-8.1.8-0.1.20060mlcs4.x86_64.rpm
5a4a8a94afe80e38cc625f1a6e8ef8a0 corporate/4.0/x86_64/postgresql-server-8.1.8-0.1.20060mlcs4.x86_64.rpm
2fe0e23d6f77d5761ed5feca78cb8868 corporate/4.0/x86_64/postgresql-test-8.1.8-0.1.20060mlcs4.x86_64.rpm
ecec0536648eedafd8d14c05f530a713 corporate/4.0/SRPMS/postgresql-8.1.8-0.1.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFy5ofmqjQ0CJFipgRAoKeAKC0N2+uxlJ8K+yE8qL+XSeV6Fiz0QCeNE67
UlyPuxevAwtcvuPu11Mn70c=
=SlEu
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists