Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in postgresql
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in postgresql
ID: DSA-683-1
Distribution: Debian
Plattformen: Debian woody
Datum: Mi, 16. Februar 2005, 12:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0247
Applikationen: PostgreSQL

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Debian Security Advisory DSA 683-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 15th, 2005 http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package : postgresql
Vulnerability : buffer overflows
Problem-Type : remote
Debian-specific: no
CVE IDs : CAN-2005-0245 CAN-2005-0247

Several buffer overflows have been discovered in PL/PgSQL as part of
the PostgreSQL engine which could lead to the execution of arbitrary
code.

For the stable distribution (woody) these problems have been fixed in
version 7.2.1-2woody8.

For the unstable distribution (sid) these problems have been fixed in
version 7.4.7-2.

We recommend that you upgrade your postgresql packages.


Upgrade Instructions
--------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
--------------------------------

Source archives:

postgresql_7.2.1-2woody8.dsc
Size/MD5 checksum: 966 d4a2c0311749b876f6f8cc22038289e2
postgresql_7.2.1-2woody8.diff.gz
Size/MD5 checksum: 120615 530bfcef7b85fe6da221c95fe222c852
postgresql_7.2.1.orig.tar.gz
Size/MD5 checksum: 9237680 d075e9c49135899645dff57bc58d6233

Architecture independent components:

postgresql-doc_7.2.1-2woody8_all.deb
Size/MD5 checksum: 2069670 1bf4b5b7f2711e4efa36880151fc24bd

Alpha architecture:

libecpg3_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 34802 b412685534d6774a6262870416518ea7
libpgperl_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 68764 def41f131067ae15e80ee3b9e5148f65
libpgsql2_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 78040 3d719ec62a11f02205f57eadff14ff6d
libpgtcl_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 67748 4a34eb3cc1774ba25e091b885f944b53
odbc-postgresql_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 290372 e9a61698a5b698cf6a059b9e610f3411
pgaccess_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 425460 fee5452a125419cc39a4b5b1974dd2bf
postgresql_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 1817274 92519cd5969004437fd2ec149140f1ec
postgresql-client_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 319940 75acaf5ef86d2362f851ddf5918aca96
postgresql-contrib_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 387604 8c1aaa630da56fd3f2d0a39eae2765ad
postgresql-dev_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 541264 459dab9286c3710de72751a983df9ef7
python-pygresql_7.2.1-2woody8_alpha.deb
Size/MD5 checksum: 65434 69c853e90b8213c9a9e50662e6411ec8

ARM architecture:

libecpg3_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 31900 c913966d0170207e19bc5ac955ce2e27
libpgperl_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 64910 cd34de8e8fe0c5b778b4a20f5601b05a
libpgsql2_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 65752 2f3793f5f55b9f81aedb5dec71a4f99f
libpgtcl_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 57976 26e63872c92df8ff0be687bef7cb05f1
odbc-postgresql_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 234316 ff0712ecc0a84df3161413f6a0e31178
pgaccess_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 425632 a2a13e576824a00299c447ec44f7eea3
postgresql_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 1600434 a856cc118e459f68227e82231dbc6ac4
postgresql-client_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 285624 e45f81629e315c9f30c002cae8e7d663
postgresql-contrib_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 341184 fa19e637fe18b1fbd18cc79c90dac1ef
postgresql-dev_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 511168 db1e5ac754673cb66fa2da69fb1f6a92
python-pygresql_7.2.1-2woody8_arm.deb
Size/MD5 checksum: 62684 c35acc4775b94a8e7bae5914c72f6d47

Intel IA-32 architecture:

libecpg3_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 30968 1682a3299c2b75a788e666522a23c814
libpgperl_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 61664 a4a94cb1ea89b6f40dc21a6f6dd06b49
libpgsql2_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 66276 4dc34046e8ef98054b35f526b2d8b6ab
libpgtcl_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 54836 5f37ed094318ec8c18f044cedb82e295
odbc-postgresql_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 202142 5a1c4efa11b40dc78ccc722225ee4f24
pgaccess_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 426522 4993bce996442d0da4e24ccb1ec71694
postgresql_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 1554460 0ca6fc2c65ac4ab63360d1b50c4c70d2
postgresql-client_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 281584 2a57aeac5d1da5d7c249b56f91dd74fd
postgresql-contrib_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 328480 7903136dd2a962c2860725c900e3a8ef
postgresql-dev_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 498292 5d80bff4016138138952094c80c145aa
python-pygresql_7.2.1-2woody8_i386.deb
Size/MD5 checksum: 61770 93237d245dd81b4d5c070bccea66ffcf

Intel IA-64 architecture:

libecpg3_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 39650 f69594da10e390e89848e417fc10fa4f
libpgperl_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 77524 de23bfdc2b738e322e32239331a8970f
libpgsql2_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 90840 73a348937e49415602c0680242a5227b
libpgtcl_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 77308 01fbe3520e37c68d4a45346c7b85e64b
odbc-postgresql_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 333404 79be96b1704ce9e17aa9da75a65ce4d1
pgaccess_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 425444 30511fbdfd15d5efdfbc81c2581e4b01
postgresql_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 2093210 561bf768519c684a331b9d514b551023
postgresql-client_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 363686 17a7339200ce40aea16189d9cbca4a70
postgresql-contrib_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 434908 852ea8acaae71f48a5ee9acfd66ea6fc
postgresql-dev_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 555282 97996ae93a665dfae9cf8a2f787b7174
python-pygresql_7.2.1-2woody8_ia64.deb
Size/MD5 checksum: 71332 5abc8f8ae02ea9faaf87ae97eb371193

HP Precision architecture:

libecpg3_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 34130 29605f9520c9026004babc1a009ae7a1
libpgperl_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 70742 ecf1ffc13f35a5973580f5e16dca9b18
libpgsql2_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 77274 1da8955209e3602f116b67e3daf8e800
libpgtcl_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 65966 d08701e1b27e7238b3ae9ab96fbdffe4
odbc-postgresql_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 254910 b0b958f79f47076f754550a1cc4fb476
pgaccess_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 425612 dcb57cdfab9f70179f776a6854c87d42
postgresql_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 1826464 bb9330cd346abe7902980f65091359de
postgresql-client_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 304938 bc5612b62c4a2cbcfffc8355dc0099c7
postgresql-contrib_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 372308 28fb0415d8f45daeda2a6b1b27c81083
postgresql-dev_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 524440 99b3d8e0974202591aa3416ad40816cb
python-pygresql_7.2.1-2woody8_hppa.deb
Size/MD5 checksum: 66502 dee6fd24194876f6c88dddfc9d3ad306

Motorola 680x0 architecture:

libecpg3_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 30802 9f644ffed633065990d6de07af5238e7
libpgperl_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 63262 5506b71797c8210362c63d5473ec62df
libpgsql2_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 65884 cab66990426a2009ca5c0f600a76694c
libpgtcl_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 55024 c0bbf8050d03bd602b62c336b338883a
odbc-postgresql_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 187718 1e6ca320fddfba90078c82a6f160db4e
pgaccess_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 425712 68ba215eaa737141055c3b0e442071be
postgresql_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 1583932 e0cc73b36eca938793007a3b26e84d86
postgresql-client_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 270154 f975145555d8f045190e384b01df14c9
postgresql-contrib_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 325436 3b54bd0850225fd6a36351f5772fb007
postgresql-dev_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 490144 68fd09da2dd077f1e5f30095e9b52476
python-pygresql_7.2.1-2woody8_m68k.deb
Size/MD5 checksum: 62506 8bbd6c5d71d4ca6a52cf6ec33dc55214

Big endian MIPS architecture:

libecpg3_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 31264 cb5c636aca0e3659ef8edc0ebb760a19
libpgperl_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 59270 079e6c6402d4ee85868e2f0dc260d42a
libpgsql2_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 65522 86deb1988dc9802dcd051b43fd3f1c6e
libpgtcl_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 59382 06a50008fc190a0b4d3f84f78995e015
odbc-postgresql_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 237574 a5c71e182d095bb96856489b8f1cf082
pgaccess_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 425682 5c92cb84583fcf313425c9a58dea9f83
postgresql_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 1751004 0c7c254ea8cec35ac9be1b17b8d48ffb
postgresql-client_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 294392 3cae1c91c52da1eb7a269b234ca66e4b
postgresql-contrib_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 344098 b122316c8a2cb3d68ed57bf197f84d2e
postgresql-dev_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 515688 de46f1282ed5f11890dffdcd110093f9
python-pygresql_7.2.1-2woody8_mips.deb
Size/MD5 checksum: 61794 8d3bb00fc58241680ca3acf6e6ae6cea

Little endian MIPS architecture:

libecpg3_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 31272 21b679efde2078f5f81fc026412a98c3
libpgperl_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 59018 2238a2413e7f2fa7e35872b5d75d2de3
libpgsql2_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 65112 78ff31b4f46a6b8b0c16f9a4c4fe9d52
libpgtcl_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 59316 caa3be5d90de0d0e5cb444270df3dd2a
odbc-postgresql_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 237978 3e4a3566553feaf89ba5b9696db45a2b
pgaccess_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 425642 59061e36b04fc35d5e83a99b27ea6194
postgresql_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 1662586 bfccb4377def44e2154b49f72a0250da
postgresql-client_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 294726 4f5f2c81b89ebb05e8a6d13920814c48
postgresql-contrib_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 343854 d3770ada61a0a7eeeffb431fd30ece44
postgresql-dev_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 512992 3704c957cd4f1a4b2af9167ee1d3975a
python-pygresql_7.2.1-2woody8_mipsel.deb
Size/MD5 checksum: 61756 d2d8ca618da849f8caa26ca4ddf9630a

PowerPC architecture:

libecpg3_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 32638 f265ebdd0cc0632b6b235fe1a343a5e0
libpgperl_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 69692 0769b917b6735fee10066099954c18ad
libpgsql2_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 67726 bf35313e0db194e8284fa65f8570d295
libpgtcl_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 57250 08b836c73dc00a1a1095106d61a7c61e
odbc-postgresql_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 243138 00f2791b1f289bddb1b69c16ed851c56
pgaccess_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 425468 418cac90c2ae5da3f7832d1fc971ffec
postgresql_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 1701098 87ffcc4e822603d35aae07816d711816
postgresql-client_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 288740 0c8e185593df1169887e39ae591ee894
postgresql-contrib_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 342142 0d27af61834bf9834d9cd3a337ffd64b
postgresql-dev_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 511328 a733e169d84fc3c63cbca3f0d428c762
python-pygresql_7.2.1-2woody8_powerpc.deb
Size/MD5 checksum: 62626 19c0660f6daa96cfb75ebc279d37c6c3

IBM S/390 architecture:

libecpg3_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 31542 e41ba2f776e9d5190e420ef1819836dc
libpgperl_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 64100 88597686e78b43f65c06adccb3dd0a68
libpgsql2_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 68338 a9da5f084b636f82e51366789b981d23
libpgtcl_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 56510 133ea519128490277f117b65fe7df681
odbc-postgresql_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 214856 b9f4257d85ecc93c6679b75f4ff79593
pgaccess_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 425486 a2822cb5ee1d452df5cd83aa1d024d16
postgresql_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 1669472 47d1c05ea009cbf6735719f7543cb62b
postgresql-client_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 284502 f6ddd8d1cbb2b96dac5f3908f9156356
postgresql-contrib_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 347172 2481686c9542ae89904b01d15d0e5b8a
postgresql-dev_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 502284 f14563130b1665ff9e2d5dd77828d596
python-pygresql_7.2.1-2woody8_s390.deb
Size/MD5 checksum: 63120 4f3dcc1e7a125faac0345878a10942c8

Sun Sparc architecture:

libecpg3_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 31224 4cfd13e0a0a7ffd2130d8d2c59a4231e
libpgperl_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 64900 8e173f3fb59d05c7e3c09f334ca4801f
libpgsql2_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 68474 b47d3ec99048af40e0fd70a6ad3dfbdd
libpgtcl_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 55348 27bb3a34c1ef367daad54deab1294c9e
odbc-postgresql_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 232904 ba3283469f3aefe1da3cab2498be2122
pgaccess_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 425514 d19e08e82966f652eb95b3c12a90202e
postgresql_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 1672056 e2dd0c17c4d349e02d2d0fe1cc3aa8ca
postgresql-client_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 289146 97800fc500df6dc0fb79ce56a8ce32b0
postgresql-contrib_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 371450 0201925279f540de1ebba8126f46c506
postgresql-dev_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 502430 afdee51b834c8f6f1fa63e7ce8125478
python-pygresql_7.2.1-2woody8_sparc.deb
Size/MD5 checksum: 62682 e0e47123d47f4b7aae4a0e50bf329105


These files will probably be moved into the stable distribution on
its next update.

--------------------------------------------------------------------------------
-
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCEh1MW5ql+IAeqTIRAg9DAJ4jahqS4+5ap9dYqZJZXzwlpTq4wwCgrMvf
AI8DcyabJxnumlb6dyFq6CU=
=O+VR
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung