First published: Wed Oct 07 2009
PostgreSQL is an advanced object-relational database management system (DBMS).

It was discovered that the upstream patch for CVE-2007-6600 included in the Red Hat Security Advisory RHSA-2008:0039 did not include protection against misuse of the RESET ROLE and RESET SESSION AUTHORIZATION commands. An authenticated user could use this flaw to install malicious code that would later execute with superuser privileges. (CVE-2009-3230)

All PostgreSQL users should upgrade to these updated packages, which contain a backported patch to correct this issue. If you are running a PostgreSQL server, the postgresql service must be restarted for this update to take effect.