Oval Definition:oval:org.mitre.oval:def:22642
Revision Date:2014-05-26Version:20
Title:ELSA-2009:1484: postgresql security update (Moderate)
Description:The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges.NOTE: this is due to an incomplete fix for CVE-2007-6600.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0922
CVE-2009-3230
ELSA-2009:1484-01
Platform(s):Oracle Linux 5
Product(s):postgresql
Definition Synopsis
  • Oracle Linux 5.x
  • AND rpm test
  • postgresql-docs is earlier than 0:8.1.18-2.el5_4.1
  • OR postgresql-devel is earlier than 0:8.1.18-2.el5_4.1
  • OR postgresql-contrib is earlier than 0:8.1.18-2.el5_4.1
  • OR postgresql-test is earlier than 0:8.1.18-2.el5_4.1
  • OR postgresql-libs is earlier than 0:8.1.18-2.el5_4.1
  • OR postgresql-tcl is earlier than 0:8.1.18-2.el5_4.1
  • OR postgresql is earlier than 0:8.1.18-2.el5_4.1
  • OR postgresql-pl is earlier than 0:8.1.18-2.el5_4.1
  • OR postgresql-server is earlier than 0:8.1.18-2.el5_4.1
  • OR postgresql-python is earlier than 0:8.1.18-2.el5_4.1
    • BACK