Package name
postgresql
Date
2005-02-17
Advisory ID
MDKSA-2005:040
Affected versions
CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64

Problem description

A number of vulnerabilities were found and corrected in the PostgreSQL DBMS: A flaw in the LOAD command could be abused by a local user to load arbitrary shared libraries and as a result execute arbitrary code with the privileges of the user running the postgresql server (CAN-2005-0227). A permission checking flaw was found where a local user could bypass the EXECUTE permission check for functions using the CREATE AGGREGATE command (CAN-2005-0244). Multiple bufffer overflows were discovered in PL/PgSQL. A database user with permission to create plpgsql functions could trigger these flaws which could then lead to arbitrary code execution with the privileges of the user running the postgresql server (CAN-2005-0245 and CAN-2005-0247). Finally, a flaw in the integer aggregator (intagg) contrib module was found. A user could create carefully crafted arrays and crash the server, causing a Denial of Service (CAN-2005-0246). The updated packages have been patched to correct these problems.

Updated packages

CS2.1 x86_64

 967ecc436c88f3d2f608f785ecae7fdf  x86_64/corporate/2.1/RPMS/libecpg3-7.2.2-1.6.C21mdk.x86_64.rpm
e05af552003ffd68fbcb272cb2612392  x86_64/corporate/2.1/RPMS/libpgperl-7.2.2-1.6.C21mdk.x86_64.rpm
621c6fd539691fba7c17ea952834a9e0  x86_64/corporate/2.1/RPMS/libpgsql2-7.2.2-1.6.C21mdk.x86_64.rpm
126c387736352aa517d2d1b0192d68c7  x86_64/corporate/2.1/RPMS/libpgsqlodbc0-7.2.2-1.6.C21mdk.x86_64.rpm
93971eeef37a3240cf2230252fe4f102  x86_64/corporate/2.1/RPMS/libpgtcl2-7.2.2-1.6.C21mdk.x86_64.rpm
9987aec07e00da4b080be380ffaeda06  x86_64/corporate/2.1/RPMS/postgresql-7.2.2-1.6.C21mdk.x86_64.rpm
bc534eb525ace51b90a7242006c1d8d1  x86_64/corporate/2.1/RPMS/postgresql-contrib-7.2.2-1.6.C21mdk.x86_64.rpm
797ef3bd86d8f6c124fe31f6d954dc45  x86_64/corporate/2.1/RPMS/postgresql-devel-7.2.2-1.6.C21mdk.x86_64.rpm
1ac00353ef746416c66c9f9f5342566a  x86_64/corporate/2.1/RPMS/postgresql-docs-7.2.2-1.6.C21mdk.x86_64.rpm
70abda3fd5a1b1fc7a120452e6a357be  x86_64/corporate/2.1/RPMS/postgresql-jdbc-7.2.2-1.6.C21mdk.x86_64.rpm
228e3a15542579e652bd0011a18d0a33  x86_64/corporate/2.1/RPMS/postgresql-python-7.2.2-1.6.C21mdk.x86_64.rpm
40a38bfcfdbdbb89a3f545be7a38cc02  x86_64/corporate/2.1/RPMS/postgresql-server-7.2.2-1.6.C21mdk.x86_64.rpm
d656d3014fab927f6ed576c2f2b0fab2  x86_64/corporate/2.1/RPMS/postgresql-tcl-7.2.2-1.6.C21mdk.x86_64.rpm
35fab1227bfc8714b8b3adb906934f4f  x86_64/corporate/2.1/RPMS/postgresql-test-7.2.2-1.6.C21mdk.x86_64.rpm
a3e17c5b1e601651125753d743ddbdf2  x86_64/corporate/2.1/RPMS/postgresql-tk-7.2.2-1.6.C21mdk.x86_64.rpm
7796f01877c9b9d9b8e3820525cab446  x86_64/corporate/2.1/SRPMS/postgresql-7.2.2-1.6.C21mdk.src.rpm

10.0 amd64

 ba8ac7fb475e2458d418a9d28f7a6bdd  amd64/10.0/RPMS/lib64ecpg3-7.4.1-2.3.100mdk.amd64.rpm
9aa82839d8707bba9a3f381e541e9eaa  amd64/10.0/RPMS/lib64ecpg3-devel-7.4.1-2.3.100mdk.amd64.rpm
e0eea0ccee8fc51fda4b275cee2861d6  amd64/10.0/RPMS/lib64pgtcl2-7.4.1-2.3.100mdk.amd64.rpm
f0bfa9d336643270dd80995662af9434  amd64/10.0/RPMS/lib64pgtcl2-devel-7.4.1-2.3.100mdk.amd64.rpm
d83ff9d9e546b24091d76aca353d35e2  amd64/10.0/RPMS/lib64pq3-7.4.1-2.3.100mdk.amd64.rpm
13dc44f2b9561e42d2a8056fbb699bbb  amd64/10.0/RPMS/lib64pq3-devel-7.4.1-2.3.100mdk.amd64.rpm
7d271112bbab112b1fb28b303eb9e0a7  amd64/10.0/RPMS/postgresql-7.4.1-2.3.100mdk.amd64.rpm
67a2bb9406e042bea5688d642c337caa  amd64/10.0/RPMS/postgresql-contrib-7.4.1-2.3.100mdk.amd64.rpm
56a76464a238ff294c003d28a8200140  amd64/10.0/RPMS/postgresql-devel-7.4.1-2.3.100mdk.amd64.rpm
91a14f0eed85c582b631203c1e4f06ac  amd64/10.0/RPMS/postgresql-docs-7.4.1-2.3.100mdk.amd64.rpm
fa85691eb7a9324566c4fee3f10076b8  amd64/10.0/RPMS/postgresql-jdbc-7.4.1-2.3.100mdk.amd64.rpm
78fd692dc47840cda2bfe8026da94a9e  amd64/10.0/RPMS/postgresql-pl-7.4.1-2.3.100mdk.amd64.rpm
803e9e42a9520e987eebc84f2b6775b5  amd64/10.0/RPMS/postgresql-server-7.4.1-2.3.100mdk.amd64.rpm
f81990aaf4864f7ff90d6ade4b0e8dc2  amd64/10.0/RPMS/postgresql-tcl-7.4.1-2.3.100mdk.amd64.rpm
8c1313adf68fd74632aa90de56206e59  amd64/10.0/RPMS/postgresql-test-7.4.1-2.3.100mdk.amd64.rpm
5a2668b9715dff828032beb884f1c13a  amd64/10.0/SRPMS/postgresql-7.4.1-2.3.100mdk.src.rpm

10.1 i586

 cfbf2d0416581890cb92ffbfe85f3148  10.1/RPMS/libecpg3-7.4.5-4.2.101mdk.i586.rpm
5d06b5ce19f406df2c59c7700aef56b6  10.1/RPMS/libecpg3-devel-7.4.5-4.2.101mdk.i586.rpm
fce660063ea19318bb1e3b3ff7a3c3f1  10.1/RPMS/libpgtcl2-7.4.5-4.2.101mdk.i586.rpm
fa13708a3ce7b8972f6c102409196115  10.1/RPMS/libpgtcl2-devel-7.4.5-4.2.101mdk.i586.rpm
d4dbb5f29b2453127e20814c166749a2  10.1/RPMS/libpq3-7.4.5-4.2.101mdk.i586.rpm
e1c0fb23f3244c0f41e36a24bbd54879  10.1/RPMS/libpq3-devel-7.4.5-4.2.101mdk.i586.rpm
26fa14f28369a12a1b94be68ae502429  10.1/RPMS/postgresql-7.4.5-4.2.101mdk.i586.rpm
21461b1fcec94edd17d105817664d8d9  10.1/RPMS/postgresql-contrib-7.4.5-4.2.101mdk.i586.rpm
7692813ddccb5a365463d0f9644ff4ca  10.1/RPMS/postgresql-devel-7.4.5-4.2.101mdk.i586.rpm
8e2040db7835bcce566574da3e7d6cd4  10.1/RPMS/postgresql-docs-7.4.5-4.2.101mdk.i586.rpm
b92bfdc895060d4d0802508632105035  10.1/RPMS/postgresql-jdbc-7.4.5-4.2.101mdk.i586.rpm
db2c90c7c39c013c013d2d3d9d113765  10.1/RPMS/postgresql-pl-7.4.5-4.2.101mdk.i586.rpm
c7613cdabf7e94505eaf7c87184a16f9  10.1/RPMS/postgresql-server-7.4.5-4.2.101mdk.i586.rpm
41f893da26544b0fa198e6279c170f07  10.1/RPMS/postgresql-tcl-7.4.5-4.2.101mdk.i586.rpm
0454c551cfc2d85561973ccd67c2b91d  10.1/RPMS/postgresql-test-7.4.5-4.2.101mdk.i586.rpm
eb44e6b640cda424b0b07a68f1a52dec  10.1/SRPMS/postgresql-7.4.5-4.2.101mdk.src.rpm

10.0 i586

 16ffc8828537cc68c3677e847bba3423  10.0/RPMS/libecpg3-7.4.1-2.3.100mdk.i586.rpm
4020d5d5f6f3f54e4d25f84a75ab691d  10.0/RPMS/libecpg3-devel-7.4.1-2.3.100mdk.i586.rpm
9232db8cc28358e2d4a3a9edd7a87187  10.0/RPMS/libpgtcl2-7.4.1-2.3.100mdk.i586.rpm
520b86f7d74d29146e55f74330b1a552  10.0/RPMS/libpgtcl2-devel-7.4.1-2.3.100mdk.i586.rpm
d72e9063c841bd43e9242034f474244b  10.0/RPMS/libpq3-7.4.1-2.3.100mdk.i586.rpm
6419d8bec8b95e4ecaeedebd52c93738  10.0/RPMS/libpq3-devel-7.4.1-2.3.100mdk.i586.rpm
7c280a56ab05ea690c766e539c719f99  10.0/RPMS/postgresql-7.4.1-2.3.100mdk.i586.rpm
2001b4acc4f4d47b0416a67ef41981fd  10.0/RPMS/postgresql-contrib-7.4.1-2.3.100mdk.i586.rpm
4dcc1389b8057ff8200c639ad5a3f4ec  10.0/RPMS/postgresql-devel-7.4.1-2.3.100mdk.i586.rpm
453e7a73a7b9dc82ae934cb1e577dc01  10.0/RPMS/postgresql-docs-7.4.1-2.3.100mdk.i586.rpm
2e75916c1fba4577305ac550035e4743  10.0/RPMS/postgresql-jdbc-7.4.1-2.3.100mdk.i586.rpm
afd194432b0e32084ba5fa8a65f998e2  10.0/RPMS/postgresql-pl-7.4.1-2.3.100mdk.i586.rpm
a44ff8f4b5fc39031001e4a9229d572a  10.0/RPMS/postgresql-server-7.4.1-2.3.100mdk.i586.rpm
43bc338135c44b923e1fe2a4f8daf2d8  10.0/RPMS/postgresql-tcl-7.4.1-2.3.100mdk.i586.rpm
a4b5edb7b50fb00d506f269539291052  10.0/RPMS/postgresql-test-7.4.1-2.3.100mdk.i586.rpm
5a2668b9715dff828032beb884f1c13a  10.0/SRPMS/postgresql-7.4.1-2.3.100mdk.src.rpm

CS3.0 x86_64

 1fea9bc21a5abc4f82b8d7daaa303536  x86_64/corporate/3.0/RPMS/lib64ecpg3-7.4.1-2.3.C30mdk.x86_64.rpm
551d09da754f2df20149be16bb6db2d4  x86_64/corporate/3.0/RPMS/lib64ecpg3-devel-7.4.1-2.3.C30mdk.x86_64.rpm
47fa740b136759bc2994ae7ec835a94f  x86_64/corporate/3.0/RPMS/lib64pgtcl2-7.4.1-2.3.C30mdk.x86_64.rpm
de25619797d5158ced82900075b3936d  x86_64/corporate/3.0/RPMS/lib64pgtcl2-devel-7.4.1-2.3.C30mdk.x86_64.rpm
d91013404c9707cd0ae118a463ff0c6f  x86_64/corporate/3.0/RPMS/lib64pq3-7.4.1-2.3.C30mdk.x86_64.rpm
71dcfe4eb96aba1530434daa07fd6eed  x86_64/corporate/3.0/RPMS/lib64pq3-devel-7.4.1-2.3.C30mdk.x86_64.rpm
3f168888bf5efd05ef6fd719d9c01917  x86_64/corporate/3.0/RPMS/postgresql-7.4.1-2.3.C30mdk.x86_64.rpm
6c8dd16779bc40266cd64f1f412d2102  x86_64/corporate/3.0/RPMS/postgresql-contrib-7.4.1-2.3.C30mdk.x86_64.rpm
75c1a72e9cbb770c1a236ab6ddb2ab76  x86_64/corporate/3.0/RPMS/postgresql-devel-7.4.1-2.3.C30mdk.x86_64.rpm
f0025782e729ec6b411fdf8571c77144  x86_64/corporate/3.0/RPMS/postgresql-docs-7.4.1-2.3.C30mdk.x86_64.rpm
49f9232aecedb50ad4aa2d1dcfa701a5  x86_64/corporate/3.0/RPMS/postgresql-jdbc-7.4.1-2.3.C30mdk.x86_64.rpm
7c26529d41d00b88ea641d93bf1a52b7  x86_64/corporate/3.0/RPMS/postgresql-pl-7.4.1-2.3.C30mdk.x86_64.rpm
e329a502d793ac88c26b378558cd8578  x86_64/corporate/3.0/RPMS/postgresql-server-7.4.1-2.3.C30mdk.x86_64.rpm
c0864e32bdd125df52263916125bad7b  x86_64/corporate/3.0/RPMS/postgresql-tcl-7.4.1-2.3.C30mdk.x86_64.rpm
e8f6a709d4809fd20f2b0842cbfac96a  x86_64/corporate/3.0/RPMS/postgresql-test-7.4.1-2.3.C30mdk.x86_64.rpm
9b08dd32f213eb5d72eefdb1180d4e07  x86_64/corporate/3.0/SRPMS/postgresql-7.4.1-2.3.C30mdk.src.rpm

CS3.0 i586

 703f412b51e8a67f4fe730001fff869a  corporate/3.0/RPMS/libecpg3-7.4.1-2.3.C30mdk.i586.rpm
9f110cf2987d1640aad133466a370ac9  corporate/3.0/RPMS/libecpg3-devel-7.4.1-2.3.C30mdk.i586.rpm
15faf2e314a2f58576bc767873f38dd5  corporate/3.0/RPMS/libpgtcl2-7.4.1-2.3.C30mdk.i586.rpm
453a316a93ed80391c90d7d5f1f3a6a2  corporate/3.0/RPMS/libpgtcl2-devel-7.4.1-2.3.C30mdk.i586.rpm
f1cdf3eb4c3c2de0258da3aa96f28b51  corporate/3.0/RPMS/libpq3-7.4.1-2.3.C30mdk.i586.rpm
b812a36bcfbfa5ff5e1277916427fed4  corporate/3.0/RPMS/libpq3-devel-7.4.1-2.3.C30mdk.i586.rpm
c14ee05bd18670aa32daadf7874058ea  corporate/3.0/RPMS/postgresql-7.4.1-2.3.C30mdk.i586.rpm
480c6b12fd9f67b461565150990d94dd  corporate/3.0/RPMS/postgresql-contrib-7.4.1-2.3.C30mdk.i586.rpm
3eeddc76a7a76e27f182ba4cb1b17e42  corporate/3.0/RPMS/postgresql-devel-7.4.1-2.3.C30mdk.i586.rpm
485b6c829446ea045279be079e1fa072  corporate/3.0/RPMS/postgresql-docs-7.4.1-2.3.C30mdk.i586.rpm
8bd2d6305f5251ba836c18f75d988227  corporate/3.0/RPMS/postgresql-jdbc-7.4.1-2.3.C30mdk.i586.rpm
641f0a542a38f4c11ab4dc3ef4342276  corporate/3.0/RPMS/postgresql-pl-7.4.1-2.3.C30mdk.i586.rpm
c3159ed459277846c1039bba90311b95  corporate/3.0/RPMS/postgresql-server-7.4.1-2.3.C30mdk.i586.rpm
b21d6d84e624db0392e574a169502061  corporate/3.0/RPMS/postgresql-tcl-7.4.1-2.3.C30mdk.i586.rpm
cdb56ad60e5873d9352e368f38e0ff4d  corporate/3.0/RPMS/postgresql-test-7.4.1-2.3.C30mdk.i586.rpm
9b08dd32f213eb5d72eefdb1180d4e07  corporate/3.0/SRPMS/postgresql-7.4.1-2.3.C30mdk.src.rpm

CS2.1 i586

 07828dc552fa6bb7ec317629506bbaec  corporate/2.1/RPMS/libecpg3-7.2.2-1.6.C21mdk.i586.rpm
1b22046007724c7f2d53daa27bf6aa97  corporate/2.1/RPMS/libpgperl-7.2.2-1.6.C21mdk.i586.rpm
543c329b9a40d115fc4cbed5a960f5d8  corporate/2.1/RPMS/libpgsql2-7.2.2-1.6.C21mdk.i586.rpm
aa6041f4e4ca1a5e1bc16f1d977940b1  corporate/2.1/RPMS/libpgsqlodbc0-7.2.2-1.6.C21mdk.i586.rpm
3cb3c7a6d281dc612df295c2bdb9f0c2  corporate/2.1/RPMS/libpgtcl2-7.2.2-1.6.C21mdk.i586.rpm
3e2f09fa209071e921e3d8e0e5b1351c  corporate/2.1/RPMS/postgresql-7.2.2-1.6.C21mdk.i586.rpm
d3d7ef771756c8e84e159601a4b10866  corporate/2.1/RPMS/postgresql-contrib-7.2.2-1.6.C21mdk.i586.rpm
a443fa9d365d6d9a14078868697fd67e  corporate/2.1/RPMS/postgresql-devel-7.2.2-1.6.C21mdk.i586.rpm
f03e1880bcf194e0acbfddb5a6448ec7  corporate/2.1/RPMS/postgresql-docs-7.2.2-1.6.C21mdk.i586.rpm
0987e784211fdc488ec199543deba1db  corporate/2.1/RPMS/postgresql-jdbc-7.2.2-1.6.C21mdk.i586.rpm
99e748cea890e06a38c5313a7cd92672  corporate/2.1/RPMS/postgresql-python-7.2.2-1.6.C21mdk.i586.rpm
ff9096291b65bd3df3b2d54b9f0cd33d  corporate/2.1/RPMS/postgresql-server-7.2.2-1.6.C21mdk.i586.rpm
228bc6d5a908e93c916d125ee0f05ae0  corporate/2.1/RPMS/postgresql-tcl-7.2.2-1.6.C21mdk.i586.rpm
308a1ec1153ee10773198a55eab564a2  corporate/2.1/RPMS/postgresql-test-7.2.2-1.6.C21mdk.i586.rpm
c8b5f9daf5cab602786e1b1a860a9618  corporate/2.1/RPMS/postgresql-tk-7.2.2-1.6.C21mdk.i586.rpm
7796f01877c9b9d9b8e3820525cab446  corporate/2.1/SRPMS/postgresql-7.2.2-1.6.C21mdk.src.rpm

10.1 x86_64

 c3d7002d1791bfd467201e1e3ec45813  x86_64/10.1/RPMS/lib64ecpg3-7.4.5-4.2.101mdk.x86_64.rpm
3588072e4ac37d48ce17b19af768ff53  x86_64/10.1/RPMS/lib64ecpg3-devel-7.4.5-4.2.101mdk.x86_64.rpm
944c52672e0a156a063e4b9d23be5434  x86_64/10.1/RPMS/lib64pgtcl2-7.4.5-4.2.101mdk.x86_64.rpm
3392f7f1bb345198e7db0c5ecda9614e  x86_64/10.1/RPMS/lib64pgtcl2-devel-7.4.5-4.2.101mdk.x86_64.rpm
91c6169bc0c6a30d2ca6c3081e7531d3  x86_64/10.1/RPMS/lib64pq3-7.4.5-4.2.101mdk.x86_64.rpm
0006b0af52c0f07140ad62f2551a2b75  x86_64/10.1/RPMS/lib64pq3-devel-7.4.5-4.2.101mdk.x86_64.rpm
84e54857dd38ceb0331cf7d6afa873f2  x86_64/10.1/RPMS/postgresql-7.4.5-4.2.101mdk.x86_64.rpm
d53d51c03e9cf6b2111aec6c2bbecce4  x86_64/10.1/RPMS/postgresql-contrib-7.4.5-4.2.101mdk.x86_64.rpm
0a367e8f05859e51fc9c7aa43a77c196  x86_64/10.1/RPMS/postgresql-devel-7.4.5-4.2.101mdk.x86_64.rpm
f02047b426694df93a3995251f210e51  x86_64/10.1/RPMS/postgresql-docs-7.4.5-4.2.101mdk.x86_64.rpm
441f29064e398dfcb81344c2ab1c97df  x86_64/10.1/RPMS/postgresql-jdbc-7.4.5-4.2.101mdk.x86_64.rpm
d0009a4a3e40bd4dbb366cbbd209b75f  x86_64/10.1/RPMS/postgresql-pl-7.4.5-4.2.101mdk.x86_64.rpm
ad7747cd7531512f4137ec3fc53bb678  x86_64/10.1/RPMS/postgresql-server-7.4.5-4.2.101mdk.x86_64.rpm
a8e723d3059d6464b9543781bac73b13  x86_64/10.1/RPMS/postgresql-tcl-7.4.5-4.2.101mdk.x86_64.rpm
8f5bfc4b116ab384a51f5d4f3898a87a  x86_64/10.1/RPMS/postgresql-test-7.4.5-4.2.101mdk.x86_64.rpm
eb44e6b640cda424b0b07a68f1a52dec  x86_64/10.1/SRPMS/postgresql-7.4.5-4.2.101mdk.src.rpm

References