Risks
Advisories
Browse
or
or
Mandriva Linux Security Update Advisory - postgresql (MDVSA-2013:012)
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2013:012
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : postgresql
 Date    : February 15, 2013
 Affected: 2011., Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been discovered and corrected in postgresql:

 PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12,
 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare
 the enum_recv function in backend/utils/adt/enum.c, which causes it to
 be invoked with incorrect arguments and allows remote authenticated
 users to cause a denial of service (server crash) or read sensitive
 process memory via a crafted SQL command, which triggers an array
 index error and an out-of-bounds read (CVE-2013-0255).

 This advisory provides the latest versions of PostgreSQL that is not
 vulnerable to these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255
 http://www.postgresql.org/docs/8.3/static/release-8-3-23.html
 http://www.postgresql.org/docs/9.0/static/release-9-0-12.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2011:
 e9506dea9a59005668b046e7c3c6d968 
2011/i586/libecpg9.0_6-9.0.12-0.1-mdv2011.0.i586.rpm
 1c4d6b43ff4540bf4e9cd9fcb23ad824 
2011/i586/libpq9.0_5-9.0.12-0.1-mdv2011.0.i586.rpm
 2b608e6cc6bfc0d784d4f6a3fd85957f 
2011/i586/postgresql9.0-9.0.12-0.1-mdv2011.0.i586.rpm
 8fcb75ea83b5bdb62c10e8a4453cfb89 
2011/i586/postgresql9.0-contrib-9.0.12-0.1-mdv2011.0.i586.rpm
 9e4bc0f9b22e0cf75db12042aa0dceb0 
2011/i586/postgresql9.0-devel-9.0.12-0.1-mdv2011.0.i586.rpm
 61cbfe086e73750a4c22a6dcc29da48f 
2011/i586/postgresql9.0-docs-9.0.12-0.1-mdv2011.0.i586.rpm
 17a11d0af51d26b2dffe0ea532998c82 
2011/i586/postgresql9.0-pl-9.0.12-0.1-mdv2011.0.i586.rpm
 f5e09c159529185531ab3703471dd716 
2011/i586/postgresql9.0-plperl-9.0.12-0.1-mdv2011.0.i586.rpm
 385989a88a2148262c9c49024881172c 
2011/i586/postgresql9.0-plpgsql-9.0.12-0.1-mdv2011.0.i586.rpm
 f16eb4df34dd76b8884ac5f0c9544f8d 
2011/i586/postgresql9.0-plpython-9.0.12-0.1-mdv2011.0.i586.rpm
 879576e48d24429a442cc85c003df9da 
2011/i586/postgresql9.0-pltcl-9.0.12-0.1-mdv2011.0.i586.rpm
 e993961bf136ed48f01afa28e96ddcd4 
2011/i586/postgresql9.0-server-9.0.12-0.1-mdv2011.0.i586.rpm
 b9ef06eaa866a89f10ce2e024abf918d  2011/SRPMS/postgresql9.0-9.0.12-0.1.src.rpm

 Mandriva Linux 2011/X86_64:
 ca0af0581b132c4691a32ac0bb47fd0d 
2011/x86_64/lib64ecpg9.0_6-9.0.12-0.1-mdv2011.0.x86_64.rpm
 be2b6313b2033cefc7968bae266f3d4e 
2011/x86_64/lib64pq9.0_5-9.0.12-0.1-mdv2011.0.x86_64.rpm
 79e5ae78046382652d74f8bce6cdcf16 
2011/x86_64/postgresql9.0-9.0.12-0.1-mdv2011.0.x86_64.rpm
 d723b8db972c8504d6605a16b6055599 
2011/x86_64/postgresql9.0-contrib-9.0.12-0.1-mdv2011.0.x86_64.rpm
 f40e55d14e94f8a891a42903da88ef6c 
2011/x86_64/postgresql9.0-devel-9.0.12-0.1-mdv2011.0.x86_64.rpm
 6f90705211bea4469e5c77c3d58b931e 
2011/x86_64/postgresql9.0-docs-9.0.12-0.1-mdv2011.0.x86_64.rpm
 22da99fcfe271c77dea055339a1d3aa7 
2011/x86_64/postgresql9.0-pl-9.0.12-0.1-mdv2011.0.x86_64.rpm
 2528326a3d1dfa634da7550423e5861d 
2011/x86_64/postgresql9.0-plperl-9.0.12-0.1-mdv2011.0.x86_64.rpm
 63e22a5bdb299e69f24ece9a4d71db97 
2011/x86_64/postgresql9.0-plpgsql-9.0.12-0.1-mdv2011.0.x86_64.rpm
 89b11a80ea205b87367ad32a592a963b 
2011/x86_64/postgresql9.0-plpython-9.0.12-0.1-mdv2011.0.x86_64.rpm
 fbee7bc2f1294375556c3103f1d2f323 
2011/x86_64/postgresql9.0-pltcl-9.0.12-0.1-mdv2011.0.x86_64.rpm
 e012bbda94bccb33ff07fdebcc3ac2b9 
2011/x86_64/postgresql9.0-server-9.0.12-0.1-mdv2011.0.x86_64.rpm
 b9ef06eaa866a89f10ce2e024abf918d  2011/SRPMS/postgresql9.0-9.0.12-0.1.src.rpm

 Mandriva Enterprise Server 5:
 0d0ae7925e9cb4592010ab8313967a5b 
mes5/i586/libecpg8.3_6-8.3.23-0.1mdvmes5.2.i586.rpm
 11721dc056dfbf642629add846786cab  mes5/i586/libpq8.3_5-8.3.23-0.1mdvmes5.2.i586.rpm
 a0d000548a79ca36d012a7a7f6ad384f 
mes5/i586/postgresql8.3-8.3.23-0.1mdvmes5.2.i586.rpm
 2c4b3c6d59580f3b77ffc2d7f8148b6c 
mes5/i586/postgresql8.3-contrib-8.3.23-0.1mdvmes5.2.i586.rpm
 de2bb7047ff7efac2a1d9d2e193fbb93 
mes5/i586/postgresql8.3-devel-8.3.23-0.1mdvmes5.2.i586.rpm
 8810231bfd92b3a0382257b4e9eb28ce 
mes5/i586/postgresql8.3-docs-8.3.23-0.1mdvmes5.2.i586.rpm
 3ec9f82ed5b6abce6ce8dce6de5f0520 
mes5/i586/postgresql8.3-pl-8.3.23-0.1mdvmes5.2.i586.rpm
 2eb29d15970865abd9d2c1bd4921ecc5 
mes5/i586/postgresql8.3-plperl-8.3.23-0.1mdvmes5.2.i586.rpm
 ac22abd2cbbf8da7e328c0d2b3c9b172 
mes5/i586/postgresql8.3-plpgsql-8.3.23-0.1mdvmes5.2.i586.rpm
 ddb37f2e2b8c45eb4babc54a10a51aa2 
mes5/i586/postgresql8.3-plpython-8.3.23-0.1mdvmes5.2.i586.rpm
 bd46f094a102f2f5fbdddf8983adc7b7 
mes5/i586/postgresql8.3-pltcl-8.3.23-0.1mdvmes5.2.i586.rpm
 afff75170750ad5d4d4d7d653f3aa9fd 
mes5/i586/postgresql8.3-server-8.3.23-0.1mdvmes5.2.i586.rpm
 f7f7ba7bc6e6de514280ed87dd25fb33 
mes5/SRPMS/postgresql8.3-8.3.23-0.1mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 9ad2ad9c6b5ef758f8be28759f77284f 
mes5/x86_64/lib64ecpg8.3_6-8.3.23-0.1mdvmes5.2.x86_64.rpm
 e9e0bc69eb089860410c9022b145287e 
mes5/x86_64/lib64pq8.3_5-8.3.23-0.1mdvmes5.2.x86_64.rpm
 7f8a87531adf93e9aca1ad05e600c7ee 
mes5/x86_64/postgresql8.3-8.3.23-0.1mdvmes5.2.x86_64.rpm
 020840745639ac403d05032b4d30e517 
mes5/x86_64/postgresql8.3-contrib-8.3.23-0.1mdvmes5.2.x86_64.rpm
 5c52b266413eccb8506c20cbdb15acd0 
mes5/x86_64/postgresql8.3-devel-8.3.23-0.1mdvmes5.2.x86_64.rpm
 131bfa3a306b757513facfc4c2e6be54 
mes5/x86_64/postgresql8.3-docs-8.3.23-0.1mdvmes5.2.x86_64.rpm
 d41254775b0aa0f005b89ed4a53226bc 
mes5/x86_64/postgresql8.3-pl-8.3.23-0.1mdvmes5.2.x86_64.rpm
 e6bf627454d9fa729f96c1f10514b371 
mes5/x86_64/postgresql8.3-plperl-8.3.23-0.1mdvmes5.2.x86_64.rpm
 5e348fcaed39416e70787b5784d9fa92 
mes5/x86_64/postgresql8.3-plpgsql-8.3.23-0.1mdvmes5.2.x86_64.rpm
 f6a506888404e022274e87501819c7c7 
mes5/x86_64/postgresql8.3-plpython-8.3.23-0.1mdvmes5.2.x86_64.rpm
 5f6492800978d59a991ca17fe32d24a1 
mes5/x86_64/postgresql8.3-pltcl-8.3.23-0.1mdvmes5.2.x86_64.rpm
 1e38fc1af606117aaced611e789eafb9 
mes5/x86_64/postgresql8.3-server-8.3.23-0.1mdvmes5.2.x86_64.rpm
 f7f7ba7bc6e6de514280ed87dd25fb33 
mes5/SRPMS/postgresql8.3-8.3.23-0.1mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>




Spotlight

What can we learn from the top 10 biggest data breaches?

Posted on 21 August 2014.  |  Here's a list of the top 10 biggest data breaches of the last five years. It identifies the cause of each breach as well as the resulting financial and reputation damage suffered by each company.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //