Oval Definition:oval:org.mitre.oval:def:21339
Revision Date:2014-02-24Version:49
Title:RHSA-2012:0678: postgresql and postgresql84 security update (Moderate)
Description:CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines, which are inserted into an SQL script that is used when the database is restored.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2012:0678
CVE-2012-0866
CVE-2012-0867
CVE-2012-0868
RHSA-2012:0678-01
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):postgresql
postgresql84
Definition Synopsis
  • Operation system section
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • postgresql84-pltcl is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-server is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-docs is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84 is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-test is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-tcl is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-contrib is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-plpython is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-plperl is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-python is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-devel is earlier than 0:8.4.11-1.el5_8
  • OR postgresql84-libs is earlier than 0:8.4.11-1.el5_8
  • Operation system section
  • Redhat 6 or Centos 6 release
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • postgresql is earlier than 0:8.4.11-1.el6_2
  • OR postgresql-server is earlier than 0:8.4.11-1.el6_2
  • OR postgresql-libs is earlier than 0:8.4.11-1.el6_2
  • OR postgresql-devel is earlier than 0:8.4.11-1.el6_2
  • OR postgresql-pltcl is earlier than 0:8.4.11-1.el6_2
  • OR postgresql-plpython is earlier than 0:8.4.11-1.el6_2
  • OR postgresql-docs is earlier than 0:8.4.11-1.el6_2
  • OR postgresql-test is earlier than 0:8.4.11-1.el6_2
  • OR postgresql-plperl is earlier than 0:8.4.11-1.el6_2
  • OR postgresql-contrib is earlier than 0:8.4.11-1.el6_2
    • BACK