FreeBSD Bugzilla – Attachment 84180 Details for
Bug 120133
[patch] Update security/VuXML to contain recent PostgreSQL vulnerabilities
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
postgres_vuxml.patch
postgres_vuxml.patch (text/plain), 3.19 KB, created by
Nick Barkas
on 2008-01-29 23:30:01 UTC
(
hide
)
Description:
postgres_vuxml.patch
Filename:
MIME Type:
Creator:
Nick Barkas
Created:
2008-01-29 23:30:01 UTC
Size:
3.19 KB
patch
obsolete
>--- vuln.xml.orig Tue Jan 29 07:14:42 2008 >+++ vuln.xml Tue Jan 29 14:56:26 2008 >@@ -34,6 +34,68 @@ > > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="222648aa-cead-11dc-8c6a-00304881ac9a"> >+ <topic>postgresql -- multiple vulnerabilities</topic> >+ <affects> >+ <package> >+ <name>postgresql</name> >+ <name>postgresql-server</name> >+ <range><ge>7.3</ge><lt>7.3.21</lt></range> >+ <range><ge>7.4</ge><lt>7.4.19</lt></range> >+ <range><ge>8.0</ge><lt>8.0.15</lt></range> >+ <range><ge>8.1</ge><lt>8.1.11</lt></range> >+ <range><ge>8.2</ge><lt>8.2.6</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>The PostgreSQL developers report:</p> >+ <blockquote cite="http://www.postgresql.org/about/news.905"> >+ <p>Index Functions Privilege Escalation (CVE-2007-6600): as a unique >+ feature, PostgreSQL allows users to create indexes on the results of >+ user-defined functions, known as "expression indexes". This provided >+ two vulnerabilities to privilege escalation: (1) index functions >+ were executed as the superuser and not the table owner during VACUUM >+ and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION >+ were permitted within index functions. Both of these holes have now >+ been closed.</p> >+ >+ <p>Regular Expression Denial-of-Service (CVE-2007-4772, >+ CVE-2007-6067, CVE-2007-4769): three separate issues in the regular >+ expression libraries used by PostgreSQL allowed malicious users to >+ initiate a denial-of-service by passing certain regular expressions >+ in SQL queries. First, users could create infinite loops using some >+ specific regular expressions. Second, certain complex regular >+ expressions could consume excessive amounts of memory. Third, >+ out-of-range backref numbers could be used to crash the backend. All >+ of these issues have been patched.</p> >+ >+ <p>DBLink Privilege Escalation (CVE-2007-6601): DBLink functions >+ combined with local trust or ident authentication could be used by a >+ malicious user to gain superuser privileges. This issue has been >+ fixed, and does not affect users who have not installed DBLink (an >+ optional module), or who are using password authentication for local >+ access. This same problem was addressed in the previous release >+ cycle (see CVE-2007-3278), but that patch failed to close all forms >+ of the loophole.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2007-6600</cvename> >+ <cvename>CVE-2007-4772</cvename> >+ <cvename>CVE-2007-6067</cvename> >+ <cvename>CVE-2007-4769</cvename> >+ <cvename>CVE-2007-6601</cvename> >+ <bid>27163</bid> >+ <url>http://www.postgresql.org/about/news.905</url> >+ </references> >+ <dates> >+ <discovery>2008-01-06</discovery> >+ <entry>2008-01-29</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="6ecd0b42-ce77-11dc-89b1-000e35248ad7"> > <topic>libxine -- buffer overflow vulnerability</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=84180">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 120133
: 84180