|
|
>> Fedora Security Update Fixes PostgreSQL SECURITY DEFINER Functions Vulnerability
|
Title : Fedora Security Update Fixes PostgreSQL SECURITY DEFINER Functions Vulnerability
VUPEN ID : VUPEN/ADV-2007-2090
CVE ID : CVE-2007-2138
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-07
|
A vulnerability has been identified in Fedora, which could be exploited by malicious users to obtain elevated privileges. This issue is caused by an error in PostgreSQL. For additional information, see : VUPEN/ADV-2007-1497
Affected Products
Fedora Core 5
Fedora Core 6
Fedora 7
Solution
Upgrade the affected packages :
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
4723c2969d59fbff67f2569b5f1f22ab757717c8 SRPMS/postgresql-8.1.9-1.fc5.src.rpm
4723c2969d59fbff67f2569b5f1f22ab757717c8 noarch/postgresql-8.1.9-1.fc5.src.rpm
44f0b4a13b2bb73710c10c4d0e0b9b829b79fc64 ppc/postgresql-pl-8.1.9-1.fc5.ppc.rpm
fe03e3f66eb984d1379a63141209d381e2a035b1 ppc/debug/postgresql-debuginfo-8.1.9-1.fc5.ppc.rpm
58c1d8120df8d7b0736ddab3c42ef9b9074195dc ppc/postgresql-devel-8.1.9-1.fc5.ppc.rpm
c318990c583b01012f5e3943493991504b19c1d8 ppc/postgresql-docs-8.1.9-1.fc5.ppc.rpm
fd9e1996ddc4c7d20d0133aefef454ed72d20cfd ppc/postgresql-python-8.1.9-1.fc5.ppc.rpm
7688f2ecb76a22a56f33c220a03299e6546fca11 ppc/postgresql-test-8.1.9-1.fc5.ppc.rpm
ffb4adee09fbc803527ec2612f9ab82c267c5e62 ppc/postgresql-libs-8.1.9-1.fc5.ppc.rpm
0c6a6c808be0d4289dbdaf9dd525aa1f79609733 ppc/postgresql-tcl-8.1.9-1.fc5.ppc.rpm
16a6a78beb1cb564172ff3c292750f4e34fe1cbf ppc/postgresql-8.1.9-1.fc5.ppc.rpm
d46d8d871fc8b3e5a06314cbb12a7cbfdb1d5587 ppc/postgresql-server-8.1.9-1.fc5.ppc.rpm
ef3ef1ef5640a40544befd621249612c41a9b2a6 ppc/postgresql-jdbc-8.1.9-1.fc5.ppc.rpm
7ade43d309a9fe6bf43549e4e0c6412a3f34cce4 ppc/postgresql-contrib-8.1.9-1.fc5.ppc.rpm
4303e16498f676773b4e2fe67f13becaba4b46d2 x86_64/postgresql-test-8.1.9-1.fc5.x86_64.rpm
9a73cc76468a1e4889ed5a9201c5594815f4140f x86_64/postgresql-pl-8.1.9-1.fc5.x86_64.rpm
23c8b18797f9c5cd9683217956ee7bf230966ac7 x86_64/postgresql-devel-8.1.9-1.fc5.x86_64.rpm
66b14a7174c6509dd92aeb056e32c70bc9ee43fc x86_64/postgresql-server-8.1.9-1.fc5.x86_64.rpm
43dd06720e95d54a3e49104c66ad0fcd7a6740a1 x86_64/debug/postgresql-debuginfo-8.1.9-1.fc5.x86_64.rpm
79285cf7358515e5d354712ad68d196392adc9fd x86_64/postgresql-contrib-8.1.9-1.fc5.x86_64.rpm
9dc31fdb14faa496d060797d5eca5d3b9c79d389 x86_64/postgresql-libs-8.1.9-1.fc5.x86_64.rpm
13f0d154a740893b26a77507193891f45c45369a x86_64/postgresql-tcl-8.1.9-1.fc5.x86_64.rpm
723e6540cc4a2804ef6d005ea97904ecb5a8e2ba x86_64/postgresql-8.1.9-1.fc5.x86_64.rpm
27a2302e69f28947aa95b3743ff7bb0a093c071c x86_64/postgresql-python-8.1.9-1.fc5.x86_64.rpm
f1a045f8908a66c2213f02f3545df95ceb0b0f86 x86_64/postgresql-jdbc-8.1.9-1.fc5.x86_64.rpm
b13d98fe781d503b82a2128e747a67855f258edf x86_64/postgresql-docs-8.1.9-1.fc5.x86_64.rpm
697e67743350dd79e030a49f1b3822e12dd32f3b i386/postgresql-test-8.1.9-1.fc5.i386.rpm
91056ae8bd6d5fe3119ae4063ab2624521e5ed68 i386/postgresql-python-8.1.9-1.fc5.i386.rpm
48c7fdc82663e05e33516bc2ffffd643a5d8b5bd i386/postgresql-tcl-8.1.9-1.fc5.i386.rpm
b65e163f5c8f6f7ac06c9f1cfd1c4b82adb3a665 i386/postgresql-8.1.9-1.fc5.i386.rpm
aaef56b88487bb66f8b25b203e659622ddf2fff7 i386/postgresql-contrib-8.1.9-1.fc5.i386.rpm
e47f54ac00f42d32b0a90b60ef285594a2599aa7 i386/postgresql-server-8.1.9-1.fc5.i386.rpm
1329a89d929bcbbc6ac7972ec52551a7cdaebea4 i386/postgresql-devel-8.1.9-1.fc5.i386.rpm
19c6777c9b8b65dd35c893fb64520c9084da0132 i386/postgresql-libs-8.1.9-1.fc5.i386.rpm
2a546d6397ea245b6bbb8cc28867bad8a2a29eba i386/postgresql-jdbc-8.1.9-1.fc5.i386.rpm
3f770555eed86c6cf39320490269b18b7dd243bd i386/debug/postgresql-debuginfo-8.1.9-1.fc5.i386.rpm
813efec90929a05ede1eadc14e6b24faac5aab5c i386/postgresql-pl-8.1.9-1.fc5.i386.rpm
aac41315a4660c6eaf73892edf9f08e7c3b66d37 i386/postgresql-docs-8.1.9-1.fc5.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
57160edaaeebbff6b14e4790bb81c0682540b878 SRPMS/postgresql-8.1.9-1.fc6.src.rpm
57160edaaeebbff6b14e4790bb81c0682540b878 noarch/postgresql-8.1.9-1.fc6.src.rpm
527d92df393cec11dfaf02dc462aa01ba1071476 ppc/postgresql-server-8.1.9-1.fc6.ppc.rpm
a5f19de8e781b0b86f2f90f2580975acbedd5eff ppc/postgresql-devel-8.1.9-1.fc6.ppc.rpm
209506ecc24411b2a86f4138fd62bf92b6f89364 ppc/postgresql-libs-8.1.9-1.fc6.ppc.rpm
f656d4cfe040579944dbba8c35f7ef54cd0d187e ppc/postgresql-contrib-8.1.9-1.fc6.ppc.rpm
87efb90a71493990ab4111ee04cf8984a0e9b208 ppc/postgresql-python-8.1.9-1.fc6.ppc.rpm
91737f4cae4e68481f38ac6d84601ab94efb2550 ppc/postgresql-test-8.1.9-1.fc6.ppc.rpm
438f0ae945b075c81652b583f8ba903276c273ed ppc/debug/postgresql-debuginfo-8.1.9-1.fc6.ppc.rpm
1f01b5f0909751968857df8d670cda5c5a60faa4 ppc/postgresql-docs-8.1.9-1.fc6.ppc.rpm
ec051bc4fe5736fc3a565237e31f7b3ca0bfa8eb ppc/postgresql-pl-8.1.9-1.fc6.ppc.rpm
30f71d7de82e8066a1617b03ab181518c938d155 ppc/postgresql-8.1.9-1.fc6.ppc.rpm
9f933f068d1d6578cdc0f770d49344fefc6f84d1 ppc/postgresql-tcl-8.1.9-1.fc6.ppc.rpm
c069c53d4e14fd7a2d8fb4dad018900ffbd34658 x86_64/postgresql-test-8.1.9-1.fc6.x86_64.rpm
188dd91c90a934f17ac236a9eb321a6e7e447979 x86_64/postgresql-libs-8.1.9-1.fc6.x86_64.rpm
45136b575bcfed928115681461dbf729867bf0a8 x86_64/postgresql-devel-8.1.9-1.fc6.x86_64.rpm
4dfa867a458fd1d575959c8d9a4a56effc3ce19e x86_64/debug/postgresql-debuginfo-8.1.9-1.fc6.x86_64.rpm
a3762453f0abb996af49cea5cb9cfa6a1d511224 x86_64/postgresql-pl-8.1.9-1.fc6.x86_64.rpm
6e6d81a59058f2dec6ca4c38408f29db7ae3b751 x86_64/postgresql-contrib-8.1.9-1.fc6.x86_64.rpm
270cfb97e991649f65266a308f0824b675f4ea7a x86_64/postgresql-python-8.1.9-1.fc6.x86_64.rpm
012cb31947fc0bc127ed17743f259eecbf9c851e x86_64/postgresql-8.1.9-1.fc6.x86_64.rpm
3d6c1d7661aced44b8079c6b4a52e7933b4af47a x86_64/postgresql-tcl-8.1.9-1.fc6.x86_64.rpm
5b171739cd9f4dd795b03fb17fff694ea1acdb41 x86_64/postgresql-docs-8.1.9-1.fc6.x86_64.rpm
10f34769ed6405c74b2b0badb6980053a5061efa x86_64/postgresql-server-8.1.9-1.fc6.x86_64.rpm
bfd21ec59486723b35f0f55b61b3887dd5c1785a i386/postgresql-tcl-8.1.9-1.fc6.i386.rpm
cfbcf27dbdcf0f2f4e111128c6556ce23f0e4c25 i386/postgresql-docs-8.1.9-1.fc6.i386.rpm
31bec6f0904dc9551fa82717d0258567180da4d7 i386/postgresql-devel-8.1.9-1.fc6.i386.rpm
a960cff20e0c05a8463976eecb9a515946d4f3c9 i386/debug/postgresql-debuginfo-8.1.9-1.fc6.i386.rpm
a0de5f0de079e9b275ecf0986957388267ba00c4 i386/postgresql-python-8.1.9-1.fc6.i386.rpm
c5ee1684dec52097bd95e7222b7cc468480652d5 i386/postgresql-contrib-8.1.9-1.fc6.i386.rpm
17570d96f0133710caccba1e967d3f1b04a74e2b i386/postgresql-8.1.9-1.fc6.i386.rpm
f97aa7732fe882d2ea572c24054da309add7afda i386/postgresql-pl-8.1.9-1.fc6.i386.rpm
f38f25e728a20cebbc410d376e552ecf707fb16d i386/postgresql-server-8.1.9-1.fc6.i386.rpm
df4a351d11e4d433f97ec06fc24212882af3ad47 i386/postgresql-test-8.1.9-1.fc6.i386.rpm
7dcf496c6514030652641db8adfe1705ada06f74 i386/postgresql-libs-8.1.9-1.fc6.i386.rpm
cc956d3ee1d96780139b12bcdc3d5a3f4f6e1d03 postgresql-tcl-8.2.4-1.fc7.i386.rpm
594fcced1780b02bc2ba8fc653feb73d94d07e91 postgresql-devel-8.2.4-1.fc7.i386.rpm
b21986bec1c284c4eaa8de3f44389e027882c3e0 postgresql-plpython-8.2.4-1.fc7.i386.rpm
ba7e6698ec0b35e92907e9cab202b82d4dc4ad8a postgresql-test-8.2.4-1.fc7.i386.rpm
32746470bec89809451da27be1cbf4f00147f68f postgresql-contrib-8.2.4-1.fc7.i386.rpm
646643164d44fefff5deb6e27ce748b3af48c666 postgresql-docs-8.2.4-1.fc7.i386.rpm
8a84684665dc1205ecb28dd941e7ba007a4d2ba7 postgresql-plperl-8.2.4-1.fc7.i386.rpm
57b2b843cf40596439b89d850b0677f3b0869500 postgresql-debuginfo-8.2.4-1.fc7.i386.rpm
8041f94ea801d0ac6b190edd1d9e2ad267fd754e postgresql-pltcl-8.2.4-1.fc7.i386.rpm
f25aa5288ab52fe77f49bc6120cd379542e7695d postgresql-libs-8.2.4-1.fc7.i386.rpm
6afdcbd2fc224da0f20bff0d8beb4bd07376b027 postgresql-8.2.4-1.fc7.i386.rpm
a10461dc2ef5ab1b831d06f8d6fbb447bfa6f51b postgresql-server-8.2.4-1.fc7.i386.rpm
355e82240ce049c8c60b7fce51834b29a0e2ab9c postgresql-python-8.2.4-1.fc7.i386.rpm
7e57c2594a0fa040ebb050eab21f5e35c913e326 postgresql-plperl-8.2.4-1.fc7.ppc64.rpm
4cca3daacb65e1291fcf47e7948a701ed50defd5 postgresql-test-8.2.4-1.fc7.ppc64.rpm
20315a5b5aa127b90ef28bcb0f704d286ee9753b postgresql-pltcl-8.2.4-1.fc7.ppc64.rpm
2db6c11e160f0ed4fb196ac23ca02eb6b08de7b0 postgresql-contrib-8.2.4-1.fc7.ppc64.rpm
9ac9d2ba82ddc7e0f1bfc870c6bbaa1a59126684 postgresql-libs-8.2.4-1.fc7.ppc64.rpm
aab04eeda2ee5542221836d8084a4fd06e7b5552 postgresql-8.2.4-1.fc7.ppc64.rpm
56c4d4bed15bbc421f18fd53e284f876cf337bc9 postgresql-devel-8.2.4-1.fc7.ppc64.rpm
989a04986ba0e3ff89ede735a2d5b73a64d7e07c postgresql-plpython-8.2.4-1.fc7.ppc64.rpm
6b67af6cf601d0ecdeb06b4cab472d9677557b4b postgresql-debuginfo-8.2.4-1.fc7.ppc64.rpm
59516598facc50aa970ff7bbfd5574ce14cf7134 postgresql-python-8.2.4-1.fc7.ppc64.rpm
6755c283d04475a702a92650ac1e1d4fad619770 postgresql-tcl-8.2.4-1.fc7.ppc64.rpm
998dbf4f8e7a3a4752122fc316cecb6cd849126a postgresql-docs-8.2.4-1.fc7.ppc64.rpm
fb759d2e4dd2792a8298a7eb57c8927383987813 postgresql-server-8.2.4-1.fc7.ppc64.rpm
99d79d4d87b2323f3000f68f60dbd19c393c262e postgresql-libs-8.2.4-1.fc7.x86_64.rpm
f957cc8a8d72f75e15eb751514cc9d4c31587fb8 postgresql-tcl-8.2.4-1.fc7.x86_64.rpm
cac07ace8187a18d22ccb01496f6050579bb390e postgresql-test-8.2.4-1.fc7.x86_64.rpm
41ff16121bddbb2db508693be78877d68bf85a35 postgresql-python-8.2.4-1.fc7.x86_64.rpm
16a7e61f916db8cf6644520258e9d571d309e2ba postgresql-8.2.4-1.fc7.x86_64.rpm
3687d8f91785ca39f1227512ecdd37174a4e35ed postgresql-pltcl-8.2.4-1.fc7.x86_64.rpm
7eb876f62823ef07094d6503dcc23633957afe6e postgresql-plperl-8.2.4-1.fc7.x86_64.rpm
12d4717aeda64cd7390d27dedb5af8ac74419ac7 postgresql-devel-8.2.4-1.fc7.x86_64.rpm
90847aeb59d5aed8cf0e60b0eca3869638f88ca2 postgresql-docs-8.2.4-1.fc7.x86_64.rpm
623c0d762df8d51402f973e79745ea244b011944 postgresql-debuginfo-8.2.4-1.fc7.x86_64.rpm
496315385f6d5509ccb6320d94dca568fa220ad6 postgresql-plpython-8.2.4-1.fc7.x86_64.rpm
c1dae8b57f9470852f5d9486393cf4cd43b7e30d postgresql-contrib-8.2.4-1.fc7.x86_64.rpm
5eda9446c6ad25e882576edcb28daf9cedf157c4 postgresql-server-8.2.4-1.fc7.x86_64.rpm
1f8bb349dca9db3a6a477412c5659c4baabaf1cf postgresql-libs-8.2.4-1.fc7.ppc.rpm
85116c4b5fee7bb03615db4d952c2c4f5170c412 postgresql-tcl-8.2.4-1.fc7.ppc.rpm
f7ec309e89fdfd9ffd10d27c45e6c1dd38e53b66 postgresql-plpython-8.2.4-1.fc7.ppc.rpm
c5fa0f3c37c79801c78d500222b49a6f302a145f postgresql-test-8.2.4-1.fc7.ppc.rpm
12e37a1792cafcbdc18c5ddf7e5bb189651e2df0 postgresql-server-8.2.4-1.fc7.ppc.rpm
e9f611652c3cd2ff872f9e315733f1c9112aca15 postgresql-python-8.2.4-1.fc7.ppc.rpm
a23e7c4d40593136182042bce34b588bf3702fc0 postgresql-docs-8.2.4-1.fc7.ppc.rpm
630f3e25b29c6c978c3fb8f10d2e1642cf15d71c postgresql-debuginfo-8.2.4-1.fc7.ppc.rpm
df5125c9116fa2f12f8ce89c5a7e1bedff93843b postgresql-pltcl-8.2.4-1.fc7.ppc.rpm
72bd0b98cf53985f62cca6425f4d1176acbf8111 postgresql-contrib-8.2.4-1.fc7.ppc.rpm
73487b921e76ef54475d1faf54460bc0f7659e71 postgresql-8.2.4-1.fc7.ppc.rpm
81117a59517cdc94a7b436c3e7cf9644fd4ffca2 postgresql-plperl-8.2.4-1.fc7.ppc.rpm
8b5aada7b6b9e763c92446d2d62f08f925a9bcdb postgresql-devel-8.2.4-1.fc7.ppc.rpm
5a04ab609fc920b5f0cc9a299eeb3d7215f9b309 postgresql-8.2.4-1.fc7.src.rpm
References
http://www.vupen.com/english/advisories/2007/2090
https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00065.html
https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00064.html
https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00043.html
ChangeLog
2007-06-07 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
