Oval Definition:oval:com.redhat.rhsa:def:20070336
Revision Date:2007-05-08Version:635
Title:RHSA-2007:0336: postgresql security update (Moderate)
Description:PostgreSQL is an advanced Object-Relational database management system (DBMS).

  • A flaw was found in the way PostgreSQL allows authenticated users to execute security-definer functions. It was possible for an unprivileged user to execute arbitrary code with the privileges of the security-definer function. (CVE-2007-2138)

    Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 8.1.9, 7.4.17, and 7.3.19 which corrects this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-2138
    RHSA-2007:0336
    RHSA-2007:0336-02
    RHSA-2007:0336-02
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • rh-postgresql-server is earlier than 0:7.3.19-1
  • AND rh-postgresql-server is signed with Red Hat master key
  • rh-postgresql-devel is earlier than 0:7.3.19-1
  • AND rh-postgresql-devel is signed with Red Hat master key
  • rh-postgresql-libs is earlier than 0:7.3.19-1
  • AND rh-postgresql-libs is signed with Red Hat master key
  • rh-postgresql-docs is earlier than 0:7.3.19-1
  • AND rh-postgresql-docs is signed with Red Hat master key
  • rh-postgresql-jdbc is earlier than 0:7.3.19-1
  • AND rh-postgresql-jdbc is signed with Red Hat master key
  • rh-postgresql-pl is earlier than 0:7.3.19-1
  • AND rh-postgresql-pl is signed with Red Hat master key
  • rh-postgresql-tcl is earlier than 0:7.3.19-1
  • AND rh-postgresql-tcl is signed with Red Hat master key
  • rh-postgresql is earlier than 0:7.3.19-1
  • AND rh-postgresql is signed with Red Hat master key
  • rh-postgresql-python is earlier than 0:7.3.19-1
  • AND rh-postgresql-python is signed with Red Hat master key
  • rh-postgresql-contrib is earlier than 0:7.3.19-1
  • AND rh-postgresql-contrib is signed with Red Hat master key
  • rh-postgresql-test is earlier than 0:7.3.19-1
  • AND rh-postgresql-test is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • postgresql-contrib is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-contrib is signed with Red Hat master key
  • postgresql-tcl is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-tcl is signed with Red Hat master key
  • postgresql-devel is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-devel is signed with Red Hat master key
  • postgresql-server is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-server is signed with Red Hat master key
  • postgresql is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql is signed with Red Hat master key
  • postgresql-pl is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-pl is signed with Red Hat master key
  • postgresql-test is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-test is signed with Red Hat master key
  • postgresql-libs is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-libs is signed with Red Hat master key
  • postgresql-python is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-python is signed with Red Hat master key
  • postgresql-docs is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-docs is signed with Red Hat master key
  • postgresql-jdbc is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-jdbc is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • postgresql-python is earlier than 0:8.1.9-1.el5
  • AND postgresql-python is signed with Red Hat redhatrelease key
  • postgresql-pl is earlier than 0:8.1.9-1.el5
  • AND postgresql-pl is signed with Red Hat redhatrelease key
  • postgresql-contrib is earlier than 0:8.1.9-1.el5
  • AND postgresql-contrib is signed with Red Hat redhatrelease key
  • postgresql-docs is earlier than 0:8.1.9-1.el5
  • AND postgresql-docs is signed with Red Hat redhatrelease key
  • postgresql is earlier than 0:8.1.9-1.el5
  • AND postgresql is signed with Red Hat redhatrelease key
  • postgresql-tcl is earlier than 0:8.1.9-1.el5
  • AND postgresql-tcl is signed with Red Hat redhatrelease key
  • postgresql-libs is earlier than 0:8.1.9-1.el5
  • AND postgresql-libs is signed with Red Hat redhatrelease key
  • postgresql-devel is earlier than 0:8.1.9-1.el5
  • AND postgresql-devel is signed with Red Hat redhatrelease key
  • postgresql-server is earlier than 0:8.1.9-1.el5
  • AND postgresql-server is signed with Red Hat redhatrelease key
  • postgresql-test is earlier than 0:8.1.9-1.el5
  • AND postgresql-test is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • rh-postgresql is earlier than 0:7.3.19-1
  • AND rh-postgresql is signed with Red Hat master key
  • rh-postgresql-contrib is earlier than 0:7.3.19-1
  • AND rh-postgresql-contrib is signed with Red Hat master key
  • rh-postgresql-devel is earlier than 0:7.3.19-1
  • AND rh-postgresql-devel is signed with Red Hat master key
  • rh-postgresql-docs is earlier than 0:7.3.19-1
  • AND rh-postgresql-docs is signed with Red Hat master key
  • rh-postgresql-jdbc is earlier than 0:7.3.19-1
  • AND rh-postgresql-jdbc is signed with Red Hat master key
  • rh-postgresql-libs is earlier than 0:7.3.19-1
  • AND rh-postgresql-libs is signed with Red Hat master key
  • rh-postgresql-pl is earlier than 0:7.3.19-1
  • AND rh-postgresql-pl is signed with Red Hat master key
  • rh-postgresql-python is earlier than 0:7.3.19-1
  • AND rh-postgresql-python is signed with Red Hat master key
  • rh-postgresql-server is earlier than 0:7.3.19-1
  • AND rh-postgresql-server is signed with Red Hat master key
  • rh-postgresql-tcl is earlier than 0:7.3.19-1
  • AND rh-postgresql-tcl is signed with Red Hat master key
  • rh-postgresql-test is earlier than 0:7.3.19-1
  • AND rh-postgresql-test is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • postgresql is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql is signed with Red Hat master key
  • postgresql-contrib is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-contrib is signed with Red Hat master key
  • postgresql-devel is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-devel is signed with Red Hat master key
  • postgresql-docs is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-docs is signed with Red Hat master key
  • postgresql-jdbc is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-jdbc is signed with Red Hat master key
  • postgresql-libs is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-libs is signed with Red Hat master key
  • postgresql-pl is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-pl is signed with Red Hat master key
  • postgresql-python is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-python is signed with Red Hat master key
  • postgresql-server is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-server is signed with Red Hat master key
  • postgresql-tcl is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-tcl is signed with Red Hat master key
  • postgresql-test is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-test is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • postgresql is earlier than 0:8.1.9-1.el5
  • AND postgresql is signed with Red Hat redhatrelease key
  • postgresql-contrib is earlier than 0:8.1.9-1.el5
  • AND postgresql-contrib is signed with Red Hat redhatrelease key
  • postgresql-devel is earlier than 0:8.1.9-1.el5
  • AND postgresql-devel is signed with Red Hat redhatrelease key
  • postgresql-docs is earlier than 0:8.1.9-1.el5
  • AND postgresql-docs is signed with Red Hat redhatrelease key
  • postgresql-libs is earlier than 0:8.1.9-1.el5
  • AND postgresql-libs is signed with Red Hat redhatrelease key
  • postgresql-pl is earlier than 0:8.1.9-1.el5
  • AND postgresql-pl is signed with Red Hat redhatrelease key
  • postgresql-python is earlier than 0:8.1.9-1.el5
  • AND postgresql-python is signed with Red Hat redhatrelease key
  • postgresql-server is earlier than 0:8.1.9-1.el5
  • AND postgresql-server is signed with Red Hat redhatrelease key
  • postgresql-tcl is earlier than 0:8.1.9-1.el5
  • AND postgresql-tcl is signed with Red Hat redhatrelease key
  • postgresql-test is earlier than 0:8.1.9-1.el5
  • AND postgresql-test is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • postgresql is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql is signed with Red Hat redhatrelease2 key
  • postgresql-contrib is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-contrib is signed with Red Hat redhatrelease2 key
  • postgresql-devel is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-devel is signed with Red Hat redhatrelease2 key
  • postgresql-docs is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-docs is signed with Red Hat redhatrelease2 key
  • postgresql-jdbc is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-jdbc is signed with Red Hat redhatrelease2 key
  • postgresql-libs is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-libs is signed with Red Hat redhatrelease2 key
  • postgresql-pl is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-pl is signed with Red Hat redhatrelease2 key
  • postgresql-python is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-python is signed with Red Hat redhatrelease2 key
  • postgresql-server is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-server is signed with Red Hat redhatrelease2 key
  • postgresql-tcl is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-tcl is signed with Red Hat redhatrelease2 key
  • postgresql-test is earlier than 0:7.4.17-1.RHEL4.1
  • AND postgresql-test is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • postgresql is earlier than 0:8.1.9-1.el5
  • AND postgresql is signed with Red Hat redhatrelease2 key
  • postgresql-contrib is earlier than 0:8.1.9-1.el5
  • AND postgresql-contrib is signed with Red Hat redhatrelease2 key
  • postgresql-devel is earlier than 0:8.1.9-1.el5
  • AND postgresql-devel is signed with Red Hat redhatrelease2 key
  • postgresql-docs is earlier than 0:8.1.9-1.el5
  • AND postgresql-docs is signed with Red Hat redhatrelease2 key
  • postgresql-libs is earlier than 0:8.1.9-1.el5
  • AND postgresql-libs is signed with Red Hat redhatrelease2 key
  • postgresql-pl is earlier than 0:8.1.9-1.el5
  • AND postgresql-pl is signed with Red Hat redhatrelease2 key
  • postgresql-python is earlier than 0:8.1.9-1.el5
  • AND postgresql-python is signed with Red Hat redhatrelease2 key
  • postgresql-server is earlier than 0:8.1.9-1.el5
  • AND postgresql-server is signed with Red Hat redhatrelease2 key
  • postgresql-tcl is earlier than 0:8.1.9-1.el5
  • AND postgresql-tcl is signed with Red Hat redhatrelease2 key
  • postgresql-test is earlier than 0:8.1.9-1.el5
  • AND postgresql-test is signed with Red Hat redhatrelease2 key
    • BACK