copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2004.0800 -- RHSA-2004:489-01 -- Updated rh-postgresql packages

Date: 21 December 2004
References: ESB-2004.0693  

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                     ESB-2004.0800 -- RHSA-2004:489-01
                      Updated rh-postgresql packages
                             21 December 2004

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           rh-postgresql
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux AS/ES/WS 3
                   Red Hat Desktop version 3
Impact:            Overwrite Arbitrary Files
Access:            Existing Account
CVE Names:         CAN-2004-0977

Ref:               ESB-2004.0693

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated rh-postgresql packages
Advisory ID:       RHSA-2004:489-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2004-489.html
Issue date:        2004-12-20
Updated on:        2004-12-20
Product:           Red Hat Enterprise Linux
Keywords:          PostgreSQL
Obsoletes:         RHBA-2004:307
CVE Names:         CAN-2004-0977
- - ---------------------------------------------------------------------

1. Summary:

Updated rh-postgresql packages that fix various bugs are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

PostgreSQL is an advanced Object-Relational database management system
(DBMS) that supports almost all SQL constructs (including transactions,
subselects, and user-defined types and functions).

Trustix has identified improper temporary file usage in the
make_oidjoins_check script.  It is possible that an attacker could
overwrite arbitrary file contents as the user running the
make_oidjoins_check script.  This script has been removed from the RPM file
since it has no use to ordinary users.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0977 to
this issue.

Additionally, the following non-security issues have been addressed:

- - - Fixed a low probability risk for loss of recently committed transactions.

- - - Fixed a low probability risk for loss of older data due to failure to 
  update transaction status.

- - - A lock file problem that sometimes prevented automatic restart after a 
  system crash has been fixed.

All users of rh-postgresql should upgrade to these updated packages, which
resolve these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate.  The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/):

130814 - PostgreSQL can lose committed transactions
130989 - a bug in rh-postgresql.spec file
134090 - Postgres's init script does not remove stale PID file
136300 - CAN-2004-0977 temporary file vulnerabilities in make_oidjoins_check script
136949 - PostgreSQL data loss risk and minor security issues

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/rh-postgresql-7.3.8-2.src.rpm
b6f78f4d007ff34fd27c73e8e2184b9a  rh-postgresql-7.3.8-2.src.rpm

i386:
9a8e4fab3fefaa9c62adffab85d7f9dd  rh-postgresql-7.3.8-2.i386.rpm
cbe1191f0e15417f42bd63ae30ccd3e5  rh-postgresql-contrib-7.3.8-2.i386.rpm
9555acf13b8ebf18dfb481cd5c6f99c1  rh-postgresql-devel-7.3.8-2.i386.rpm
dbe30f5c7d8a9dd83090857800ce4a62  rh-postgresql-docs-7.3.8-2.i386.rpm
e011a190a43641d139052255b6b3727b  rh-postgresql-jdbc-7.3.8-2.i386.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
0365a7e9e9afe7a21d3479175ede1194  rh-postgresql-pl-7.3.8-2.i386.rpm
ba83c9b6005800cb36e31d789aea1003  rh-postgresql-python-7.3.8-2.i386.rpm
f695cfb3138039e3bfce6191d2eedba7  rh-postgresql-server-7.3.8-2.i386.rpm
a894286bfd45da019bd2f083c510c013  rh-postgresql-tcl-7.3.8-2.i386.rpm
ba1a9a7eafd9f54d5da3be6477afa91b  rh-postgresql-test-7.3.8-2.i386.rpm

ia64:
b81fe8a042275a6eae8e019ed024bb52  rh-postgresql-7.3.8-2.ia64.rpm
44617417c491cd9618414cdedfad7704  rh-postgresql-contrib-7.3.8-2.ia64.rpm
d68d98d887e03743fa57c479465a2378  rh-postgresql-devel-7.3.8-2.ia64.rpm
d0f30ecba82ffbb20c9d5b5381e82697  rh-postgresql-docs-7.3.8-2.ia64.rpm
27dc30c3cf876227812759044db25829  rh-postgresql-jdbc-7.3.8-2.ia64.rpm
8f82413ed98614887bf84b90705e5f9b  rh-postgresql-libs-7.3.8-2.ia64.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
b7c203dbbb7339d038d66e857bc3d4b9  rh-postgresql-pl-7.3.8-2.ia64.rpm
7ace5c441704b85d292405139b8cc322  rh-postgresql-python-7.3.8-2.ia64.rpm
ff98fdfb1d3bd314b3531ece1ee1914c  rh-postgresql-server-7.3.8-2.ia64.rpm
6b8d0f1eaef081197b2c9206641fba8f  rh-postgresql-tcl-7.3.8-2.ia64.rpm
80603313ddbdd0615de272825c4563ff  rh-postgresql-test-7.3.8-2.ia64.rpm

ppc:
61cb8351f26b2d2cb1c67d35b4d54aa5  rh-postgresql-7.3.8-2.ppc.rpm
7d85d7aa8f268df2c17e1031070bb4f3  rh-postgresql-contrib-7.3.8-2.ppc.rpm
2fb726274c0ef0efd3edd3c3d09907d6  rh-postgresql-devel-7.3.8-2.ppc.rpm
78b2859d5bfd196e6b7de7bf0f4b8edd  rh-postgresql-docs-7.3.8-2.ppc.rpm
77a4a4438201e52c2655c89cf93d8c2e  rh-postgresql-jdbc-7.3.8-2.ppc.rpm
bfe513f316461b70e6f16e55a7239983  rh-postgresql-libs-7.3.8-2.ppc.rpm
ec6ecaecc2fad7f89fc4f252d38d0768  rh-postgresql-pl-7.3.8-2.ppc.rpm
c5d1fa31dba46003b6a1a45edd2f9a9b  rh-postgresql-python-7.3.8-2.ppc.rpm
f4784bf0163b4d4d323989241049d851  rh-postgresql-server-7.3.8-2.ppc.rpm
3a806dbdaa439256b157b8405df94eb3  rh-postgresql-tcl-7.3.8-2.ppc.rpm
038f122dbc33dec81fe277d8b1fc87ed  rh-postgresql-test-7.3.8-2.ppc.rpm

ppc64:
1948dd5f3925216c7ecea6bc424b288f  rh-postgresql-libs-7.3.8-2.ppc64.rpm

s390:
3ec831b0bf766b9dd9880cd144e0b732  rh-postgresql-7.3.8-2.s390.rpm
5c918ccf8bdb5b5d7480ed17c1273b5f  rh-postgresql-contrib-7.3.8-2.s390.rpm
f5237ab51b6eb4b3da36adc42ea16bcd  rh-postgresql-devel-7.3.8-2.s390.rpm
90fc27be8ac2c65ebd7668f53276b260  rh-postgresql-docs-7.3.8-2.s390.rpm
06367e3e830c62c8afd9afca9ae99d33  rh-postgresql-jdbc-7.3.8-2.s390.rpm
1aff1b96a8d94965a12a4c9bfbbe9a11  rh-postgresql-libs-7.3.8-2.s390.rpm
644b0b229a2916b59aca7fa543e605d3  rh-postgresql-pl-7.3.8-2.s390.rpm
db08ba50321ae2ecc185b290ea36a39d  rh-postgresql-python-7.3.8-2.s390.rpm
bf664bf955832af93ff862d2488db4bf  rh-postgresql-server-7.3.8-2.s390.rpm
4c6e9bccebbb29c5767d4ab8172b8b55  rh-postgresql-tcl-7.3.8-2.s390.rpm
12ac81c2da135e94e9619dc71174e541  rh-postgresql-test-7.3.8-2.s390.rpm

s390x:
0fb9269140c52e80cec05f2bac2c5a45  rh-postgresql-7.3.8-2.s390x.rpm
0c9c9f6dbb68b3d637948444a57d7d9f  rh-postgresql-contrib-7.3.8-2.s390x.rpm
8136241175742881a571681e8fb38418  rh-postgresql-devel-7.3.8-2.s390x.rpm
c7fdd00fc81c887cf06761366a854863  rh-postgresql-docs-7.3.8-2.s390x.rpm
0e013178fd4bfad778a346a6386d7fae  rh-postgresql-jdbc-7.3.8-2.s390x.rpm
8d840586780a5443ee055c578f1cafea  rh-postgresql-libs-7.3.8-2.s390x.rpm
1aff1b96a8d94965a12a4c9bfbbe9a11  rh-postgresql-libs-7.3.8-2.s390.rpm
42b5090143b89c99de862a1f43abdc19  rh-postgresql-pl-7.3.8-2.s390x.rpm
5d6925405e6086946e4ba18330f2542e  rh-postgresql-python-7.3.8-2.s390x.rpm
cdd8ffee22bee31625edde4d78726bc3  rh-postgresql-server-7.3.8-2.s390x.rpm
9a1928941441bcfec612b8f529323389  rh-postgresql-tcl-7.3.8-2.s390x.rpm
0311161816e1c56ff87b8bb606865a70  rh-postgresql-test-7.3.8-2.s390x.rpm

x86_64:
58be01e12b8b73f6c7d986f085308b6f  rh-postgresql-7.3.8-2.x86_64.rpm
97052514a167a5f2e177b1789ea42104  rh-postgresql-contrib-7.3.8-2.x86_64.rpm
52f4461df7735a5e617e917b406ce1fd  rh-postgresql-devel-7.3.8-2.x86_64.rpm
dc3d6f4246ca53d9d5b9a7c67c2bcadf  rh-postgresql-docs-7.3.8-2.x86_64.rpm
dca39c461cf73431984b28b304fa2584  rh-postgresql-jdbc-7.3.8-2.x86_64.rpm
4594237703b5e15de4219c3d7a6cf88f  rh-postgresql-libs-7.3.8-2.x86_64.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
01bf5f97411d52a80f569c711c8631a0  rh-postgresql-pl-7.3.8-2.x86_64.rpm
0867682b553bf2a4f97bf4df13472f52  rh-postgresql-python-7.3.8-2.x86_64.rpm
c3bce4b8c1f3725f1ea74ac05c1bc0bd  rh-postgresql-server-7.3.8-2.x86_64.rpm
d33a6dbd447e819993fb93d48e2429bd  rh-postgresql-tcl-7.3.8-2.x86_64.rpm
24b8957973eb0ea8855318e70fc36286  rh-postgresql-test-7.3.8-2.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/rh-postgresql-7.3.8-2.src.rpm
b6f78f4d007ff34fd27c73e8e2184b9a  rh-postgresql-7.3.8-2.src.rpm

i386:
9a8e4fab3fefaa9c62adffab85d7f9dd  rh-postgresql-7.3.8-2.i386.rpm
cbe1191f0e15417f42bd63ae30ccd3e5  rh-postgresql-contrib-7.3.8-2.i386.rpm
9555acf13b8ebf18dfb481cd5c6f99c1  rh-postgresql-devel-7.3.8-2.i386.rpm
dbe30f5c7d8a9dd83090857800ce4a62  rh-postgresql-docs-7.3.8-2.i386.rpm
e011a190a43641d139052255b6b3727b  rh-postgresql-jdbc-7.3.8-2.i386.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
0365a7e9e9afe7a21d3479175ede1194  rh-postgresql-pl-7.3.8-2.i386.rpm
ba83c9b6005800cb36e31d789aea1003  rh-postgresql-python-7.3.8-2.i386.rpm
f695cfb3138039e3bfce6191d2eedba7  rh-postgresql-server-7.3.8-2.i386.rpm
a894286bfd45da019bd2f083c510c013  rh-postgresql-tcl-7.3.8-2.i386.rpm
ba1a9a7eafd9f54d5da3be6477afa91b  rh-postgresql-test-7.3.8-2.i386.rpm

x86_64:
58be01e12b8b73f6c7d986f085308b6f  rh-postgresql-7.3.8-2.x86_64.rpm
97052514a167a5f2e177b1789ea42104  rh-postgresql-contrib-7.3.8-2.x86_64.rpm
52f4461df7735a5e617e917b406ce1fd  rh-postgresql-devel-7.3.8-2.x86_64.rpm
dc3d6f4246ca53d9d5b9a7c67c2bcadf  rh-postgresql-docs-7.3.8-2.x86_64.rpm
dca39c461cf73431984b28b304fa2584  rh-postgresql-jdbc-7.3.8-2.x86_64.rpm
4594237703b5e15de4219c3d7a6cf88f  rh-postgresql-libs-7.3.8-2.x86_64.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
01bf5f97411d52a80f569c711c8631a0  rh-postgresql-pl-7.3.8-2.x86_64.rpm
0867682b553bf2a4f97bf4df13472f52  rh-postgresql-python-7.3.8-2.x86_64.rpm
c3bce4b8c1f3725f1ea74ac05c1bc0bd  rh-postgresql-server-7.3.8-2.x86_64.rpm
d33a6dbd447e819993fb93d48e2429bd  rh-postgresql-tcl-7.3.8-2.x86_64.rpm
24b8957973eb0ea8855318e70fc36286  rh-postgresql-test-7.3.8-2.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/rh-postgresql-7.3.8-2.src.rpm
b6f78f4d007ff34fd27c73e8e2184b9a  rh-postgresql-7.3.8-2.src.rpm

i386:
9a8e4fab3fefaa9c62adffab85d7f9dd  rh-postgresql-7.3.8-2.i386.rpm
cbe1191f0e15417f42bd63ae30ccd3e5  rh-postgresql-contrib-7.3.8-2.i386.rpm
9555acf13b8ebf18dfb481cd5c6f99c1  rh-postgresql-devel-7.3.8-2.i386.rpm
dbe30f5c7d8a9dd83090857800ce4a62  rh-postgresql-docs-7.3.8-2.i386.rpm
e011a190a43641d139052255b6b3727b  rh-postgresql-jdbc-7.3.8-2.i386.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
0365a7e9e9afe7a21d3479175ede1194  rh-postgresql-pl-7.3.8-2.i386.rpm
ba83c9b6005800cb36e31d789aea1003  rh-postgresql-python-7.3.8-2.i386.rpm
f695cfb3138039e3bfce6191d2eedba7  rh-postgresql-server-7.3.8-2.i386.rpm
a894286bfd45da019bd2f083c510c013  rh-postgresql-tcl-7.3.8-2.i386.rpm
ba1a9a7eafd9f54d5da3be6477afa91b  rh-postgresql-test-7.3.8-2.i386.rpm

ia64:
b81fe8a042275a6eae8e019ed024bb52  rh-postgresql-7.3.8-2.ia64.rpm
44617417c491cd9618414cdedfad7704  rh-postgresql-contrib-7.3.8-2.ia64.rpm
d68d98d887e03743fa57c479465a2378  rh-postgresql-devel-7.3.8-2.ia64.rpm
d0f30ecba82ffbb20c9d5b5381e82697  rh-postgresql-docs-7.3.8-2.ia64.rpm
27dc30c3cf876227812759044db25829  rh-postgresql-jdbc-7.3.8-2.ia64.rpm
8f82413ed98614887bf84b90705e5f9b  rh-postgresql-libs-7.3.8-2.ia64.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
b7c203dbbb7339d038d66e857bc3d4b9  rh-postgresql-pl-7.3.8-2.ia64.rpm
7ace5c441704b85d292405139b8cc322  rh-postgresql-python-7.3.8-2.ia64.rpm
ff98fdfb1d3bd314b3531ece1ee1914c  rh-postgresql-server-7.3.8-2.ia64.rpm
6b8d0f1eaef081197b2c9206641fba8f  rh-postgresql-tcl-7.3.8-2.ia64.rpm
80603313ddbdd0615de272825c4563ff  rh-postgresql-test-7.3.8-2.ia64.rpm

x86_64:
58be01e12b8b73f6c7d986f085308b6f  rh-postgresql-7.3.8-2.x86_64.rpm
97052514a167a5f2e177b1789ea42104  rh-postgresql-contrib-7.3.8-2.x86_64.rpm
52f4461df7735a5e617e917b406ce1fd  rh-postgresql-devel-7.3.8-2.x86_64.rpm
dc3d6f4246ca53d9d5b9a7c67c2bcadf  rh-postgresql-docs-7.3.8-2.x86_64.rpm
dca39c461cf73431984b28b304fa2584  rh-postgresql-jdbc-7.3.8-2.x86_64.rpm
4594237703b5e15de4219c3d7a6cf88f  rh-postgresql-libs-7.3.8-2.x86_64.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
01bf5f97411d52a80f569c711c8631a0  rh-postgresql-pl-7.3.8-2.x86_64.rpm
0867682b553bf2a4f97bf4df13472f52  rh-postgresql-python-7.3.8-2.x86_64.rpm
c3bce4b8c1f3725f1ea74ac05c1bc0bd  rh-postgresql-server-7.3.8-2.x86_64.rpm
d33a6dbd447e819993fb93d48e2429bd  rh-postgresql-tcl-7.3.8-2.x86_64.rpm
24b8957973eb0ea8855318e70fc36286  rh-postgresql-test-7.3.8-2.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/rh-postgresql-7.3.8-2.src.rpm
b6f78f4d007ff34fd27c73e8e2184b9a  rh-postgresql-7.3.8-2.src.rpm

i386:
9a8e4fab3fefaa9c62adffab85d7f9dd  rh-postgresql-7.3.8-2.i386.rpm
cbe1191f0e15417f42bd63ae30ccd3e5  rh-postgresql-contrib-7.3.8-2.i386.rpm
9555acf13b8ebf18dfb481cd5c6f99c1  rh-postgresql-devel-7.3.8-2.i386.rpm
dbe30f5c7d8a9dd83090857800ce4a62  rh-postgresql-docs-7.3.8-2.i386.rpm
e011a190a43641d139052255b6b3727b  rh-postgresql-jdbc-7.3.8-2.i386.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
0365a7e9e9afe7a21d3479175ede1194  rh-postgresql-pl-7.3.8-2.i386.rpm
ba83c9b6005800cb36e31d789aea1003  rh-postgresql-python-7.3.8-2.i386.rpm
f695cfb3138039e3bfce6191d2eedba7  rh-postgresql-server-7.3.8-2.i386.rpm
a894286bfd45da019bd2f083c510c013  rh-postgresql-tcl-7.3.8-2.i386.rpm
ba1a9a7eafd9f54d5da3be6477afa91b  rh-postgresql-test-7.3.8-2.i386.rpm

ia64:
b81fe8a042275a6eae8e019ed024bb52  rh-postgresql-7.3.8-2.ia64.rpm
44617417c491cd9618414cdedfad7704  rh-postgresql-contrib-7.3.8-2.ia64.rpm
d68d98d887e03743fa57c479465a2378  rh-postgresql-devel-7.3.8-2.ia64.rpm
d0f30ecba82ffbb20c9d5b5381e82697  rh-postgresql-docs-7.3.8-2.ia64.rpm
27dc30c3cf876227812759044db25829  rh-postgresql-jdbc-7.3.8-2.ia64.rpm
8f82413ed98614887bf84b90705e5f9b  rh-postgresql-libs-7.3.8-2.ia64.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
b7c203dbbb7339d038d66e857bc3d4b9  rh-postgresql-pl-7.3.8-2.ia64.rpm
7ace5c441704b85d292405139b8cc322  rh-postgresql-python-7.3.8-2.ia64.rpm
ff98fdfb1d3bd314b3531ece1ee1914c  rh-postgresql-server-7.3.8-2.ia64.rpm
6b8d0f1eaef081197b2c9206641fba8f  rh-postgresql-tcl-7.3.8-2.ia64.rpm
80603313ddbdd0615de272825c4563ff  rh-postgresql-test-7.3.8-2.ia64.rpm

x86_64:
58be01e12b8b73f6c7d986f085308b6f  rh-postgresql-7.3.8-2.x86_64.rpm
97052514a167a5f2e177b1789ea42104  rh-postgresql-contrib-7.3.8-2.x86_64.rpm
52f4461df7735a5e617e917b406ce1fd  rh-postgresql-devel-7.3.8-2.x86_64.rpm
dc3d6f4246ca53d9d5b9a7c67c2bcadf  rh-postgresql-docs-7.3.8-2.x86_64.rpm
dca39c461cf73431984b28b304fa2584  rh-postgresql-jdbc-7.3.8-2.x86_64.rpm
4594237703b5e15de4219c3d7a6cf88f  rh-postgresql-libs-7.3.8-2.x86_64.rpm
7db6fc9638372c5cd81182888dffcb2e  rh-postgresql-libs-7.3.8-2.i386.rpm
01bf5f97411d52a80f569c711c8631a0  rh-postgresql-pl-7.3.8-2.x86_64.rpm
0867682b553bf2a4f97bf4df13472f52  rh-postgresql-python-7.3.8-2.x86_64.rpm
c3bce4b8c1f3725f1ea74ac05c1bc0bd  rh-postgresql-server-7.3.8-2.x86_64.rpm
d33a6dbd447e819993fb93d48e2429bd  rh-postgresql-tcl-7.3.8-2.x86_64.rpm
24b8957973eb0ea8855318e70fc36286  rh-postgresql-test-7.3.8-2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0977

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2004 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFBxyGwXlSAg2UNWIIRAm1KAJ4/4/gFBuT6MEvrD1p5xaAQTV4PtQCaAs66
H+Rl9iZPEo00f+a5m6dnkjM=
=ZB8B
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQcdr2Ch9+71yA2DNAQLbNAQAgTiWYzO4pGge+HmHLC1a5uyv+cCMSmOB
U35lgSlTDNAk+XRWDVHpBsQVhdeP/eOEvQ+15zCahC9V3f05f6IQjr45j6k8FKkV
3IxAF2jduqFdjAk4yqW3jjsq9mtKlUxNlqHXxLftH2Q1SVxGAmljAqQ06m/TRPsA
j4wTwEUXDQM=
=hKc6
-----END PGP SIGNATURE-----