Oval Definition:oval:org.mitre.oval:def:7828
Revision Date:2015-02-23Version:21
Title:DSA-1900 postgresql-7.4, postgresql-8.1, postgresql-8.3, postgresql-8.4 -- several vulnerabilities
Description:Several vulnerabilities have been discovered in PostgreSQL, an SQL database system. The Common Vulnerabilities and Exposures project identifies the following problems: Authenticated users can shut down the backend server by re-LOAD-ing libraries in $libdir/plugins, if any libraries are present there. (The old stable distribution (etch) is not affected by this issue.) Authenticated non-superusers can gain database superuser privileges if they can create functions and tables due to incorrect execution of functions in functional indexes. If PostgreSQL is configured with LDAP authentication, and the LDAP configuration allows anonymous binds, it is possible for a user to authenticate themselves with an empty password. (The old stable distribution (etch) is not affected by this issue.) In addition, this update contains reliability improvements which do not target security issues.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-3229
CVE-2009-3230
CVE-2009-3231
DSA-1900
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):postgresql-7.4
postgresql-8.1
postgresql-8.3
postgresql-8.4
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • postgresql-doc is earlier than 8.3.8-0lenny1
  • OR postgresql-doc-8.3 is earlier than 8.3.8-0lenny1
  • OR postgresql-contrib is earlier than 8.3.8-0lenny1
  • OR postgresql-client is earlier than 8.3.8-0lenny1
  • OR postgresql is earlier than 8.3.8-0lenny1
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • postgresql-client-8.3 is earlier than 8.3.8-0lenny1
  • OR postgresql-plperl-8.3 is earlier than 8.3.8-0lenny1
  • OR postgresql-8.3 is earlier than 8.3.8-0lenny1
  • OR libecpg6 is earlier than 8.3.8-0lenny1
  • OR libpq5 is earlier than 8.3.8-0lenny1
  • OR postgresql-plpython-8.3 is earlier than 8.3.8-0lenny1
  • OR postgresql-pltcl-8.3 is earlier than 8.3.8-0lenny1
  • OR postgresql-server-dev-8.3 is earlier than 8.3.8-0lenny1
  • OR libecpg-dev is earlier than 8.3.8-0lenny1
  • OR postgresql-contrib-8.3 is earlier than 8.3.8-0lenny1
  • OR libpq-dev is earlier than 8.3.8-0lenny1
  • OR libpgtypes3 is earlier than 8.3.8-0lenny1
  • OR libecpg-compat3 is earlier than 8.3.8-0lenny1
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • postgresql-doc-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-server-dev-7.4 is earlier than 1:7.4.26-0etch1
  • OR postgresql-doc-7.4 is earlier than 1:7.4.26-0etch1
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is hppa
  • AND Packages section
  • postgresql-7.4 is earlier than 1:7.4.26-0etch1
  • OR postgresql-client-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-8.1 is earlier than 8.1.18-0etch1
  • OR libpq-dev is earlier than 8.1.18-0etch1
  • OR postgresql-plpython-7.4 is earlier than 1:7.4.26-0etch1
  • OR postgresql-contrib-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-contrib-7.4 is earlier than 1:7.4.26-0etch1
  • OR libecpg5 is earlier than 8.1.18-0etch1
  • OR postgresql-pltcl-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-client-7.4 is earlier than 1:7.4.26-0etch1
  • OR postgresql-plpython-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-server-dev-8.1 is earlier than 8.1.18-0etch1
  • OR libecpg-dev is earlier than 8.1.18-0etch1
  • OR libpgtypes2 is earlier than 8.1.18-0etch1
  • OR libpq4 is earlier than 8.1.18-0etch1
  • OR postgresql-plperl-7.4 is earlier than 1:7.4.26-0etch1
  • OR postgresql-plperl-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-pltcl-7.4 is earlier than 1:7.4.26-0etch1
  • OR libecpg-compat2 is earlier than 8.1.18-0etch1
  • OR Architecture dependent section
  • Installed architecture is mipsel
  • AND Packages section
  • postgresql-client-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-contrib-8.1 is earlier than 8.1.18-0etch1
  • OR libecpg5 is earlier than 8.1.18-0etch1
  • OR postgresql-pltcl-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-server-dev-8.1 is earlier than 8.1.18-0etch1
  • OR postgresql-plpython-8.1 is earlier than 8.1.18-0etch1
  • OR libecpg-dev is earlier than 8.1.18-0etch1
  • OR libpgtypes2 is earlier than 8.1.18-0etch1
  • OR libpq4 is earlier than 8.1.18-0etch1
  • OR libpq-dev is earlier than 8.1.18-0etch1
  • OR postgresql-plperl-8.1 is earlier than 8.1.18-0etch1
  • OR libecpg-compat2 is earlier than 8.1.18-0etch1
    • BACK