Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: 1002-2: PostgreSQL vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides thecorresponding update for Ubuntu 10.10. [More...]
Ubuntu Security Notice USN-1002-2           October 07, 2010
postgresql-8.4 vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.10:
  postgresql-plperl-8.4           8.4.5-0ubuntu10.10
  postgresql-pltcl-8.4            8.4.5-0ubuntu10.10

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary

Details follow:

USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the
corresponding update for Ubuntu 10.10.

Original advisory details:

 It was discovered that PostgreSQL did not properly enforce permissions
 within sessions when PL/Perl and PL/Tcl functions or operators were
 redefined. A remote authenticated attacker could exploit this to execute
 arbitrary code with permissions of a different user, possibly leading to
 privilege escalation.

Updated packages for Ubuntu 10.10:

  Source archives:
      Size/MD5:    39535 23f8b3a352178737bb56ead8312c86ce
      Size/MD5:     2618 ed2b36e5dae9278e12d57c3d5c12d41c
      Size/MD5: 17590296 8ddea33493bf5cf6f5ea62212bb079df

  Architecture independent packages:
      Size/MD5:    18046 1c384292787a8d1a5dd42f17e2a7efc8
      Size/MD5:    17944 bd565d773cf1f570cfe8f90bbebac5dc
      Size/MD5:  2118952 1c0163b0b9458c91cee4f8f0f9a4cfe4
      Size/MD5:     3450 26111ec43a687d13ce3fa44f9664fe6a
      Size/MD5:    18084 848a9af8970f015693af8ae73fe0a2cb

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:    11340 130564cc4628ceafc3921713ab2e4dcc
      Size/MD5:   240990 e3f6824a873520f17e230a62ad05ac80
      Size/MD5:    33164 308b7aaa612e6c680f5583590e62986e
      Size/MD5:    49340 f24763b931ba512742dd6d03f86d62c5
      Size/MD5:   201420 36249bf7794d77cfb7c05ff4901c0317
      Size/MD5:    88556 20c083d536a138cc44bfa460b93d1eb3
      Size/MD5:  4030288 6384be605d8d3597b9d34be34fafaa03
      Size/MD5:   822908 055d780c681d443e7d31a0b36d7d5ed8
      Size/MD5:   406728 3230bf51c73075032ac03f65770ad976
      Size/MD5:   630842 fb7866cb18076664c304d81e0b8cb021
      Size/MD5:    46686 f8834eb50b0298b2e09f44ce3dde5946
      Size/MD5:    39898 53066a883e73930773d282bf302e9fdb
      Size/MD5:    37482 73ed6ddaf822a4fb9a5d4ad990e9adbb

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:    10310 7c4f24a65407a0b9ff04e7d8b47b994a
      Size/MD5:   226046 419eb5e75f5d6c7864fd0c0bef7d1afd
      Size/MD5:    32056 1319f823acea5395a7d85887486def9d
      Size/MD5:    48064 2e7044fcb4a110609eb22abaed4e72c8
      Size/MD5:   193026 80f3d8d52adb51ac873755fa28dd5bca
      Size/MD5:    83006 2fe4cf19bf4fab85621b09f397bf99a1
      Size/MD5:  3883064 f1e96cb6c5338ef0c0d3ed565d02fba4
      Size/MD5:   776358 f2b56866bd98a688fa76504e4b36647b
      Size/MD5:   363476 21f6d13a2d2b7f7b8a2d9a1e53130684
      Size/MD5:   633542 351ba2390d1ba28b8ff623cdf3839fd9
      Size/MD5:    45058 192433c49f49f994149c7b6e5624348b
      Size/MD5:    37484 e0af027de047269a78024c65d45396ef
      Size/MD5:    36514 ed256af80099b8bd118dab3299ce0549

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:    10728 2038e12c84261eb4d5b4334e9b341163
      Size/MD5:   241180 b55e26e2973cf5d7b359c382f3399dd7
      Size/MD5:    34290 0572b2444e501ec930a167a86722450b
      Size/MD5:    51950 5ac477b5e3b958cbcd7402e6a5bcd9a6
      Size/MD5:   199520 413218cd3db4eac23f69b3aa1ffb2dc3
      Size/MD5:    86118 99303c47040f76c0a759877668c3e41d
      Size/MD5:  4332980 ff598d1c98e57ae87d0a825869ea84af
      Size/MD5:   823870 c4dd1c0be504e1204d0bea21cd85d01b
      Size/MD5:   390012 b678b43d6814d4aa625f6d9b6c232d30
      Size/MD5:   632088 d518262b6c78c1de5be3a21629b28456
      Size/MD5:    45952 583c39e67e37c14a937e2a08655a96ae
      Size/MD5:    39004 b70e2b185875c7cdcb14e3a361589c0e
      Size/MD5:    37188 66e750905a43b134ed13e79106412e52

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.