(RHSA-2004:489) rh-postgresql security update

2004-12-2000:00:00

access.redhat.com

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

PostgreSQL is an advanced Object-Relational database management system
(DBMS) that supports almost all SQL constructs (including transactions,
subselects, and user-defined types and functions).

Trustix has identified improper temporary file usage in the
make_oidjoins_check script. It is possible that an attacker could
overwrite arbitrary file contents as the user running the
make_oidjoins_check script. This script has been removed from the RPM file
since it has no use to ordinary users. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0977 to
this issue.

Additionally, the following non-security issues have been addressed:

Fixed a low probability risk for loss of recently committed transactions.
Fixed a low probability risk for loss of older data due to failure to
update transaction status.
A lock file problem that sometimes prevented automatic restart after a
system crash has been fixed.

All users of rh-postgresql should upgrade to these updated packages, which
resolve these issues.

OSVersionArchitecturePackageVersionFilename
RedHatanyia64rh-postgresql-libs< 7.3.8-2rh-postgresql-libs-7.3.8-2.ia64.rpm
RedHatanyia64rh-postgresql-devel< 7.3.8-2rh-postgresql-devel-7.3.8-2.ia64.rpm
RedHatanyia64rh-postgresql-test< 7.3.8-2rh-postgresql-test-7.3.8-2.ia64.rpm
RedHatanyia64rh-postgresql-docs< 7.3.8-2rh-postgresql-docs-7.3.8-2.ia64.rpm
RedHatanyia64rh-postgresql< 7.3.8-2rh-postgresql-7.3.8-2.ia64.rpm
RedHatanyi386rh-postgresql-libs< 7.3.8-2rh-postgresql-libs-7.3.8-2.i386.rpm
RedHatanyia64rh-postgresql-python< 7.3.8-2rh-postgresql-python-7.3.8-2.ia64.rpm
RedHatanyia64rh-postgresql-server< 7.3.8-2rh-postgresql-server-7.3.8-2.ia64.rpm
RedHatanyia64rh-postgresql-jdbc< 7.3.8-2rh-postgresql-jdbc-7.3.8-2.ia64.rpm
RedHatanyia64rh-postgresql-pl< 7.3.8-2rh-postgresql-pl-7.3.8-2.ia64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ia64	rh-postgresql-libs	< 7.3.8-2	rh-postgresql-libs-7.3.8-2.ia64.rpm
RedHat	any	ia64	rh-postgresql-devel	< 7.3.8-2	rh-postgresql-devel-7.3.8-2.ia64.rpm
RedHat	any	ia64	rh-postgresql-test	< 7.3.8-2	rh-postgresql-test-7.3.8-2.ia64.rpm
RedHat	any	ia64	rh-postgresql-docs	< 7.3.8-2	rh-postgresql-docs-7.3.8-2.ia64.rpm
RedHat	any	ia64	rh-postgresql	< 7.3.8-2	rh-postgresql-7.3.8-2.ia64.rpm
RedHat	any	i386	rh-postgresql-libs	< 7.3.8-2	rh-postgresql-libs-7.3.8-2.i386.rpm
RedHat	any	ia64	rh-postgresql-python	< 7.3.8-2	rh-postgresql-python-7.3.8-2.ia64.rpm
RedHat	any	ia64	rh-postgresql-server	< 7.3.8-2	rh-postgresql-server-7.3.8-2.ia64.rpm
RedHat	any	ia64	rh-postgresql-jdbc	< 7.3.8-2	rh-postgresql-jdbc-7.3.8-2.ia64.rpm
RedHat	any	ia64	rh-postgresql-pl	< 7.3.8-2	rh-postgresql-pl-7.3.8-2.ia64.rpm