First published: Wed May 19 2010(Updated: )
PostgreSQL is an advanced object-relational database management system<br>(DBMS). PL/Perl and PL/Tcl allow users to write PostgreSQL functions in the<br>Perl and Tcl languages, and are installed in trusted mode by default. In<br>trusted mode, certain operations, such as operating system level access,<br>are restricted.<br>A flaw was found in the way PostgreSQL enforced permission checks on<br>scripts written in PL/Perl. If the PL/Perl procedural language was<br>registered on a particular database, an authenticated database user running<br>a specially-crafted PL/Perl script could use this flaw to bypass intended<br>PL/Perl trusted mode restrictions, allowing them to run arbitrary Perl<br>scripts with the privileges of the database server. (CVE-2010-1169)<br>Red Hat would like to thank Tim Bunce for responsibly reporting the<br>CVE-2010-1169 flaw.<br>A flaw was found in the way PostgreSQL enforced permission checks on<br>scripts written in PL/Tcl. If the PL/Tcl procedural language was registered<br>on a particular database, an authenticated database user running a<br>specially-crafted PL/Tcl script could use this flaw to bypass intended<br>PL/Tcl trusted mode restrictions, allowing them to run arbitrary Tcl<br>scripts with the privileges of the database server. (CVE-2010-1170)<br>A buffer overflow flaw was found in the way PostgreSQL retrieved a<br>substring from the bit string for BIT() and BIT VARYING() SQL data types.<br>An authenticated database user running a specially-crafted SQL query could<br>use this flaw to cause a temporary denial of service (postgres daemon<br>crash) or, potentially, execute arbitrary code with the privileges of the<br>database server. (CVE-2010-0442)<br>An integer overflow flaw was found in the way PostgreSQL used to calculate<br>the size of the hash table for joined relations. An authenticated database<br>user could create a specially-crafted SQL query which could cause a<br>temporary denial of service (postgres daemon crash) or, potentially,<br>execute arbitrary code with the privileges of the database server.<br>(CVE-2010-0733)<br>PostgreSQL improperly protected session-local state during the execution of<br>an index function by a database superuser during the database maintenance<br>operations. An authenticated database user could use this flaw to elevate<br>their privileges via specially-crafted index functions. (CVE-2009-4136)<br>These packages upgrade PostgreSQL to version 7.4.29. Refer to the<br>PostgreSQL Release Notes for a list of changes:<br><a href="http://www.postgresql.org/docs/7.4/static/release.html" target="_blank">http://www.postgresql.org/docs/7.4/static/release.html</a> All PostgreSQL users are advised to upgrade to these updated packages,<br>which correct these issues. If the postgresql service is running, it will<br>be automatically restarted after installing this update.<br>
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/postgresql | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-contrib | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-devel | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-docs | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-jdbc | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-libs | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-libs | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-pl | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-python | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-server | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-tcl | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-test | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-contrib | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-devel | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-docs | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-jdbc | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-pl | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-python | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-server | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-tcl | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
redhat/postgresql-test | <7.4.29-1.el4_8.1 | 7.4.29-1.el4_8.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.