Oval Definition:oval:org.mitre.oval:def:13636
Revision Date:2014-06-23Version:20
Title:DSA-2051-1 postgresql-8.3 -- several
Description:Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-1169 Tim Bunce discovered that the implementation of the procedural language PL/Perl insufficiently restricts the subset of allowed code, which allows authenticated users the execution of arbitrary Perl code. CVE-2010-1170 Tom Lane discovered that the implementation of the procedural language PL/Tcl insufficiently restricts the subset of allowed code, which allows authenticated users the execution of arbitrary Tcl code. CVE-2010-1975 It was discovered that an unprivileged user could reset superuser-only parameter settings. For the stable distribution, these problems have been fixed in version 8.3.11-0lenny1. This update also introduces a fix for CVE-2010-0442, which was originally scheduled for the next Lenny point update. For the unstable distribution, these problems have been fixed in version 8.4.4-1 of postgresql-8.4. We recommend that you upgrade your postgresql-8.3 packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2010-0442
CVE-2010-1169
CVE-2010-1170
CVE-2010-1975
DSA-2051-1
Platform(s):Debian GNU/Linux 5.0
Product(s):postgresql-8.3
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independet section
  • Installed architecture is all
  • AND Packages section
  • postgresql-doc-8.3 DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql-contrib DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql-client DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql-doc DPKG is earlier than 8.3.11-0lenny1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • postgresql-client-8.3 DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql-plperl-8.3 DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql-8.3 DPKG is earlier than 8.3.11-0lenny1
  • OR libecpg6 DPKG is earlier than 8.3.11-0lenny1
  • OR libpq-dev DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql-plpython-8.3 DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql-pltcl-8.3 DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql-server-dev-8.3 DPKG is earlier than 8.3.11-0lenny1
  • OR libecpg-dev DPKG is earlier than 8.3.11-0lenny1
  • OR postgresql-contrib-8.3 DPKG is earlier than 8.3.11-0lenny1
  • OR libpq5 DPKG is earlier than 8.3.11-0lenny1
  • OR libpgtypes3 DPKG is earlier than 8.3.11-0lenny1
  • OR libecpg-compat3 DPKG is earlier than 8.3.11-0lenny1
    • BACK