Operating System:

Published:

18 July 2005

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                       ESB-2005.0564 -- FLSA:152844
              Updated PostgreSQL packages fix security issues
                               18 July 2005

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           PostgreSQL
Publisher:         The Fedora Legacy Project
Operating System:  Fedora Core 1
                   Red Hat Linux 9
                   Red Hat Linux 7.3
                   Linux variants
Impact:            Increased Privileges
                   Execute Arbitrary Code/Commands
                   Denial of Service
                   Overwrite Arbitrary Files
Access:            Existing Account
CVE Names:         CAN-2005-0247 CAN-2005-0246 CAN-2005-0245
                   CAN-2005-0244 CAN-2005-0227 CAN-2004-0977

- --------------------------BEGIN INCLUDED TEXT--------------------

- ---------------------------------------------------------------------
               Fedora Legacy Update Advisory

Synopsis:          Updated PostgreSQL packages fix security issues
Advisory ID:       FLSA:152844
Issue date:        2005-07-16
Product:           Red Hat Linux, Fedora Core
Keywords:          Bugfix
CVE Names:         CAN-2004-0977 CAN-2005-0227 CAN-2005-0244
                   CAN-2005-0245 CAN-2005-0246 CAN-2005-0247
- ---------------------------------------------------------------------


- ---------------------------------------------------------------------
1. Topic:

Updated PostgreSQL packages to fix various security flaws are now available.

PostgreSQL is an advanced Object-Relational database management system
(DBMS).

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386

3. Problem description:

Trustix has identified improper temporary file usage in the
make_oidjoins_check script. It is possible that an attacker could
overwrite arbitrary file contents as the user running the
make_oidjoins_check script. This script has been removed from the RPM file
since it has no use to ordinary users. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0977 to
this issue.

A flaw in the LOAD command in PostgreSQL was discovered. A local user
could use this flaw to load arbitrary shared librarys and therefore execute
arbitrary code, gaining the privileges of the PostgreSQL server. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0227 to this issue.

A permission checking flaw in PostgreSQL was discovered. A local user
could bypass the EXECUTE permission check for functions by using the CREATE
AGGREGATE command. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0244 to this issue.

Multiple buffer overflows were found in PL/PgSQL. A database user who has
permissions to create plpgsql functions could trigger this flaw which could
lead to arbitrary code execution, gaining the privileges of the PostgreSQL
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CAN-2005-0245 and CAN-2005-0247 to these issues.

A flaw in the integer aggregator (intagg) contrib module for PostgreSQL was
found. A user could create carefully crafted arrays and cause a denial of
service (crash). The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0246 to this issue.

Users of PostgreSQL are advised to update to these erratum packages which
are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which
are not installed but included in the list will not be updated.  Note
that you can also use wildcards (*.rpm) if your current directory *only*
contains the desired RPMs.

Please note that this update is also available via yum and apt.  Many
people find this an easier way to apply updates.  To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.  This assumes that you
have yum or apt-get configured for obtaining Fedora Legacy content.
Please visit http://www.fedoralegacy.org/docs for directions on how to
configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152844

6. RPMs required:

Red Hat Linux 7.3:
SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/postgresql-7.2.7-1.2.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-contrib-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-devel-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-docs-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-jdbc-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-libs-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-odbc-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-perl-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-python-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-server-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-tcl-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-test-7.2.7-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/postgresql-tk-7.2.7-1.2.legacy.i386.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-contrib-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-devel-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-docs-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-jdbc-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-libs-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-pl-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-python-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-server-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-tcl-7.3.9-0.90.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/postgresql-test-7.3.9-0.90.2.legacy.i386.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/postgresql-7.3.9-1.2.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-contrib-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-devel-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-docs-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-jdbc-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-libs-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-pl-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-python-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-server-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-tcl-7.3.9-1.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/postgresql-test-7.3.9-1.2.legacy.i386.rpm


7. Verification:

SHA1 sum                                 Package Name
- ---------------------------------------------------------------------

d31c189c8a7deff6956075bf77e2b1d65ec5c4a7
redhat/7.3/updates/i386/postgresql-7.2.7-1.2.legacy.i386.rpm
2f0d1bf43ce424777839a4114c1586de17003028
redhat/7.3/updates/i386/postgresql-contrib-7.2.7-1.2.legacy.i386.rpm
3c8ca3b49b600ee328d376509ba2fa81178bc785
redhat/7.3/updates/i386/postgresql-devel-7.2.7-1.2.legacy.i386.rpm
69f068253ca62dbfecf102e4599ad592fe07d654
redhat/7.3/updates/i386/postgresql-docs-7.2.7-1.2.legacy.i386.rpm
0aef7d8c5eaa0f9acbbf6bbdb9aa325ff993094c
redhat/7.3/updates/i386/postgresql-jdbc-7.2.7-1.2.legacy.i386.rpm
4ddd20835495bf19a00665136b3e7634e3e29da4
redhat/7.3/updates/i386/postgresql-libs-7.2.7-1.2.legacy.i386.rpm
11a5ef1ad11f2cbd11344aa225c4685ecffe56c1
redhat/7.3/updates/i386/postgresql-odbc-7.2.7-1.2.legacy.i386.rpm
5cafe5600b825fcbf96eebc390ac0f2024b2a2be
redhat/7.3/updates/i386/postgresql-perl-7.2.7-1.2.legacy.i386.rpm
a00ed6283f7b0b4878be4a5d33c4d08c6cecd032
redhat/7.3/updates/i386/postgresql-python-7.2.7-1.2.legacy.i386.rpm
022b23b4f4f7942220a8ca069b739089873685b2
redhat/7.3/updates/i386/postgresql-server-7.2.7-1.2.legacy.i386.rpm
77156886ec28350b6dffef06f96fcb3ee1ee7ebf
redhat/7.3/updates/i386/postgresql-tcl-7.2.7-1.2.legacy.i386.rpm
2c3cc238af77cee13a342c677c965c5d57c34bb9
redhat/7.3/updates/i386/postgresql-test-7.2.7-1.2.legacy.i386.rpm
f150672bd8473dc450010b436e557a46761f5c57
redhat/7.3/updates/i386/postgresql-tk-7.2.7-1.2.legacy.i386.rpm
35222d526cd08e720a50d5f441a152fc6d93056f
redhat/7.3/updates/SRPMS/postgresql-7.2.7-1.2.legacy.src.rpm
97c1e38c06d6bb16a76e346aad2a9ae9f4dbe4de
redhat/9/updates/i386/postgresql-7.3.9-0.90.2.legacy.i386.rpm
44dc64014d89dd84cb7dbc7077adcb0b8d382233
redhat/9/updates/i386/postgresql-contrib-7.3.9-0.90.2.legacy.i386.rpm
12fea917971b79931ab833c7725e2fed9ee737f5
redhat/9/updates/i386/postgresql-devel-7.3.9-0.90.2.legacy.i386.rpm
db0d341829ca4d29dfefa049939efea2f0a7b966
redhat/9/updates/i386/postgresql-docs-7.3.9-0.90.2.legacy.i386.rpm
882789ef9a838332b16477f4c217c9c61517ac97
redhat/9/updates/i386/postgresql-jdbc-7.3.9-0.90.2.legacy.i386.rpm
9247cee701af231b2c5a29d880c347a2a9d99399
redhat/9/updates/i386/postgresql-libs-7.3.9-0.90.2.legacy.i386.rpm
7afd9c0344c6b340d77fd74be9ba2f7b078d7a8a
redhat/9/updates/i386/postgresql-pl-7.3.9-0.90.2.legacy.i386.rpm
11889c69f5ecafcbf8d75905d8452ae3a8f8227f
redhat/9/updates/i386/postgresql-python-7.3.9-0.90.2.legacy.i386.rpm
1446eb258819fb54beb7c4cafd53ad828b445eab
redhat/9/updates/i386/postgresql-server-7.3.9-0.90.2.legacy.i386.rpm
9d367f4e478199a6d186633f302c706ba2a6dbd6
redhat/9/updates/i386/postgresql-tcl-7.3.9-0.90.2.legacy.i386.rpm
8c06644a98389f11fa1a5a13f5a4d6c9558b8d0f
redhat/9/updates/i386/postgresql-test-7.3.9-0.90.2.legacy.i386.rpm
7855eeced400cfeaf85b478c69810099eb304826
redhat/9/updates/SRPMS/postgresql-7.3.9-0.90.2.legacy.src.rpm
e41bd8377a22b935f44202ddc785fc9185355234
fedora/1/updates/i386/postgresql-7.3.9-1.2.legacy.i386.rpm
efab40afd8fe5c92a7d68a5a41d01fcec96430c6
fedora/1/updates/i386/postgresql-contrib-7.3.9-1.2.legacy.i386.rpm
9044550eed20628c22f4f75bb13afcddfd0d724a
fedora/1/updates/i386/postgresql-devel-7.3.9-1.2.legacy.i386.rpm
8c689dc13b2be91d97a235a389f85f615d1d1ee6
fedora/1/updates/i386/postgresql-docs-7.3.9-1.2.legacy.i386.rpm
2da174ac3fd08fa4e5dda831054d1e541f7226fb
fedora/1/updates/i386/postgresql-jdbc-7.3.9-1.2.legacy.i386.rpm
d6a0eb0d12ebc73b5fde3bd45e6eb9061f56ca00
fedora/1/updates/i386/postgresql-libs-7.3.9-1.2.legacy.i386.rpm
a1bccc43dffd3bbb0bcd1351f4b75965f8e24e6d
fedora/1/updates/i386/postgresql-pl-7.3.9-1.2.legacy.i386.rpm
4a4d1bf5cfa876b0303a4eefb4df4aea7f90cea3
fedora/1/updates/i386/postgresql-python-7.3.9-1.2.legacy.i386.rpm
62e0287827577a799f586b0815cbbe5544952207
fedora/1/updates/i386/postgresql-server-7.3.9-1.2.legacy.i386.rpm
c993c8888856a89603116de70a8f6f5de8422c7a
fedora/1/updates/i386/postgresql-tcl-7.3.9-1.2.legacy.i386.rpm
766dd53d0ef9761c986373f7c9626ecb85635893
fedora/1/updates/i386/postgresql-test-7.3.9-1.2.legacy.i386.rpm
993c2134e2a29ecde59935afa87b6d11a1d3a108
fedora/1/updates/SRPMS/postgresql-7.3.9-1.2.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security.  Our key is
available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the sha1sum with the following command:

    sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More
project details at http://www.fedoralegacy.org

- ---------------------------------------------------------------------

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQtsRwih9+71yA2DNAQLzOAQAgEpdyd0Ley6A2zPPHVdhE7wXMRjGOttw
BPRq0b5bSUt+mu9e9ZHQ5I2DXqTM0F5VP1kDsdLJGjXkZnwlImd/4lduKW4JuuE1
e1+r9Nf0XYw+7PIBv/wsom0AZjiz9DjOb1N8Yg+pK0KBfRFNgAh1oSlFo/hrbYN9
Whr1vwe1eBY=
=oPP6
-----END PGP SIGNATURE-----