Paketi Postgresql84 i Postgresql sadrže sigurnosne ranjivosti prepisivanja i čitanja proizvoljnih datoteka, a posljedično i otkrivanje osjetljivih infromacija.
| Paket: | PostgreSQL 8.x, postgresql84 8.x |
| Operacijski sustavi: | Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6 |
| Problem: | neodgovarajuće rukovanje datotekama |
| Iskorištavanje: | lokalno/udaljeno |
| Posljedica: | izmjena podataka, otkrivanje osjetljivih informacija |
| Rješenje: | programska zakrpa proizvođača |
| Izvorni ID preporuke: | 2012:1263 |
| Izvor: | CentOS |
| Problem: | |
| Nepravilnost se javlja pri obradi XSLT i XML datoteka. |
|
| Posljedica: | |
| Ranjivost omogućuje čitanje i prepisivanje proizvoljnih datoteka i otkrivanje povjerljivih podataka. |
|
| Rješenje: | |
| Svim se korisnicima savjetuje instalacija nadogradnji u kojima su propusti ispravljeni. |
|
Izvorni tekst preporuke
CentOS Errata and Security Advisory 2012:1263 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1263.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
961ef503db4cbdaa64686c64b44051509c36efefbb0b6d4e7ae02af9e12811ed
postgresql-8.4.13-1.el6_3.i686.rpm
21f78a399d765b4801f21cc29b96fb4587b0135d90f13bd9e7c5d6b77d863d0f
postgresql-contrib-8.4.13-1.el6_3.i686.rpm
bb2492f52e028dcacfc7ee66f04512b212676cc6cd24378bde4ffeeaf3e1f5d0
postgresql-devel-8.4.13-1.el6_3.i686.rpm
e952c7166e69a632feca63cfa6febe2eaa4d5bbac339b716292717d0915a54c4
postgresql-docs-8.4.13-1.el6_3.i686.rpm
45bcd2662b5db057be9ef8a7a7cece0c27613bec4c3fb58484aa6791845703a8
postgresql-libs-8.4.13-1.el6_3.i686.rpm
29d8fa9a519d2b660819a2ea26ec70926691f2ceaf07247219f4cc231cdc9d68
postgresql-plperl-8.4.13-1.el6_3.i686.rpm
069ad26cd163b64864f86a0b1a87d6e3a98bae1b627740bd4118e47ad080cf4a
postgresql-plpython-8.4.13-1.el6_3.i686.rpm
b98419aff2821fcacdb876db7386bd8c9462c1e8c02e76cbbdb47dcbc7791805
postgresql-pltcl-8.4.13-1.el6_3.i686.rpm
5315b12b4922f8223e6f7f3740c20d61fe1629f6af748f524e39cd01980c1d75
postgresql-server-8.4.13-1.el6_3.i686.rpm
3151288b83e70fbdba7657ad8cfacaba1df1a09bc5022025f0b5431bf5c450d8
postgresql-test-8.4.13-1.el6_3.i686.rpm
x86_64:
961ef503db4cbdaa64686c64b44051509c36efefbb0b6d4e7ae02af9e12811ed
postgresql-8.4.13-1.el6_3.i686.rpm
242b71a638dea8d7a01321e1dcdb9ca055449d3f73f890d73c676d8c8b479d76
postgresql-8.4.13-1.el6_3.x86_64.rpm
12bfc9abfd76c6322f442c105ca803d142a53f52943675cea637a228cf4a1f23
postgresql-contrib-8.4.13-1.el6_3.x86_64.rpm
bb2492f52e028dcacfc7ee66f04512b212676cc6cd24378bde4ffeeaf3e1f5d0
postgresql-devel-8.4.13-1.el6_3.i686.rpm
6230aae6f0aa041ed86b2f0f4e3003e89ca0c9054d9cf3a50dc1f3644d2dc46e
postgresql-devel-8.4.13-1.el6_3.x86_64.rpm
01620c580cde859aab8c47215c13862d944ac348a06dcff339a80affd949a440
postgresql-docs-8.4.13-1.el6_3.x86_64.rpm
45bcd2662b5db057be9ef8a7a7cece0c27613bec4c3fb58484aa6791845703a8
postgresql-libs-8.4.13-1.el6_3.i686.rpm
29561d8adb566d2b2e56cddd068f52674e2ea40e409139ef2314f4dd39b6a3c8
postgresql-libs-8.4.13-1.el6_3.x86_64.rpm
7c2427d740702fa4a6ade4590e71d575ad6a45d1c286a93834085b02abe0594a
postgresql-plperl-8.4.13-1.el6_3.x86_64.rpm
e3ad45d0cdfbda0b06295e5e775cb563fbdeed92f3a34242cfaaca36c5fdf7cf
postgresql-plpython-8.4.13-1.el6_3.x86_64.rpm
29b1141588c5f9ceee367dae53809aec06b76f03586fddb7e64b58b32d9b6bc2
postgresql-pltcl-8.4.13-1.el6_3.x86_64.rpm
e5c08c1d96d40a449a9ddc9695ded4c86cf5a3861c906c54835bfe35df3d5f5c
postgresql-server-8.4.13-1.el6_3.x86_64.rpm
c3264e5dc365b0879ba714cd7174386e11d093ec1f7429f1c40065b62039e74a
postgresql-test-8.4.13-1.el6_3.x86_64.rpm
Source:
f6232286d6950adf563c8d90bf4080df7f189110ca79ae700d95d9c898e1e198
postgresql-8.4.13-1.el6_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
CentOS Errata and Security Advisory 2012:1264 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1264.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
5e29c038ddc1527fa9a0ff5353b041274f1644a410b81ba069ec3ec95ecb3b21
postgresql-8.1.23-6.el5_8.i386.rpm
a58c64037613971a9cdcb83056a81d5f0edf332ced7c4e83ac36a64194bdca02
postgresql-contrib-8.1.23-6.el5_8.i386.rpm
c5e667e47db03af38ed6988e223a44472bda4894e53c21b596cca694692f0fa0
postgresql-devel-8.1.23-6.el5_8.i386.rpm
4a626b64d9e865ae15fe6f034dec8b4ee8614731b927704d714d96538b480287
postgresql-docs-8.1.23-6.el5_8.i386.rpm
93acab4c6ad4cf9297772bdc0b5f02fca740ca5827e66b201f47fe5e2230b009
postgresql-libs-8.1.23-6.el5_8.i386.rpm
960c3b5d486839d33fa478eeeeb3050178b4d3e2c1b6d120b061ac604204d33e
postgresql-pl-8.1.23-6.el5_8.i386.rpm
e89f46c0a96e26d4e41c9e95895d0a3fb42e70bf63041bbe7af5022559d1a999
postgresql-python-8.1.23-6.el5_8.i386.rpm
85e084c5c4c1ee384b804f53c0554adc4acbf339de5bb8cf3c4e89c00ce43028
postgresql-server-8.1.23-6.el5_8.i386.rpm
01af2108a07bc008df7ff6b64ae900827790e6e1783030d282cedd1df324753b
postgresql-tcl-8.1.23-6.el5_8.i386.rpm
af0adbcee037a92554d22391031acedb22622d802bc2c8e15e1992a4fd34ccbb
postgresql-test-8.1.23-6.el5_8.i386.rpm
x86_64:
8816e655eb0ee6ce49c66452211092924c97ede26dc0d8a065f8d8c3cab8f246
postgresql-8.1.23-6.el5_8.x86_64.rpm
32ebf260dc62823c98603f0d5f30eb9e0258f2934764856b7901f62147785e4c
postgresql-contrib-8.1.23-6.el5_8.x86_64.rpm
c5e667e47db03af38ed6988e223a44472bda4894e53c21b596cca694692f0fa0
postgresql-devel-8.1.23-6.el5_8.i386.rpm
b3e689a1f1b5bbb548bb095d82cfd65972f5bfe588ffe5b1ae0fb63723dc8012
postgresql-devel-8.1.23-6.el5_8.x86_64.rpm
cb4a39f4f3ac611527c6b75570687012522a2f7b44b1f1df63c922981b023b66
postgresql-docs-8.1.23-6.el5_8.x86_64.rpm
93acab4c6ad4cf9297772bdc0b5f02fca740ca5827e66b201f47fe5e2230b009
postgresql-libs-8.1.23-6.el5_8.i386.rpm
61913a59e54cb89b006f0de0d8c9803d02ce92ed8e0364ee5589bc0c065eced6
postgresql-libs-8.1.23-6.el5_8.x86_64.rpm
9d18041bb9b74208c150a2ea0d24122b1850cde9a5f4e2291ce40bebfd8f5bcb
postgresql-pl-8.1.23-6.el5_8.x86_64.rpm
18f554be5abbd97b2046aeb61607f60d6b98f4d73119315eecf7c32c8a4382fb
postgresql-python-8.1.23-6.el5_8.x86_64.rpm
12e3a6121e59bc966071124beb604947bb70e27d1ed63244b7cc46717fdaa591
postgresql-server-8.1.23-6.el5_8.x86_64.rpm
79197c80b34a8398fab68f9c57747676620dec0ffe97d219750e3db900ec8e7a
postgresql-tcl-8.1.23-6.el5_8.x86_64.rpm
cb60991797e815d53ce81d20cf9d4fc5cdecf54f7020ca491e5a17e34f92befb
postgresql-test-8.1.23-6.el5_8.x86_64.rpm
Source:
ee816a632b5c9315e6301d71ee36146fc651f0572ab37ba5bc87b75e7304e765
postgresql-8.1.23-6.el5_8.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
CentOS Errata and Security Advisory 2012:1263 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1263.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
9e8b6362b15b2844ddc8b00c18a78d1d2d0baaf505eeef15228722668c37dfdf
postgresql84-8.4.13-1.el5_8.i386.rpm
388b304ebc88f115ee15a2b4e5e59dcd4c7b6df6bd220c9011cf39438509ea03
postgresql84-contrib-8.4.13-1.el5_8.i386.rpm
4d5c4abb00cebbb39541b7cd76600f5a80db434a8aa4ddab9f6ee7583ec6fcd7
postgresql84-devel-8.4.13-1.el5_8.i386.rpm
25740e1688436587dcec1846b00593ec7ac7f1062bad253602e947e43ba40044
postgresql84-docs-8.4.13-1.el5_8.i386.rpm
63e70f6be7e7893dc4ef98acbee36e861e939d65e4226fa2c8b86378fa0b0dd7
postgresql84-libs-8.4.13-1.el5_8.i386.rpm
2718b23f222027064cd5e551400f8dca44eca311eca30077f9638916f23dbebd
postgresql84-plperl-8.4.13-1.el5_8.i386.rpm
a8d2ad6e23f752f9aa4b0464cf30f8c8d9624e17438bc23b49c5f78af430dc06
postgresql84-plpython-8.4.13-1.el5_8.i386.rpm
db0815c1f4406bf21a86eca685e810c319d44ea8e3710b2be55205257645d48c
postgresql84-pltcl-8.4.13-1.el5_8.i386.rpm
896b9a282bbedc466e218e48906f54671138ff7f8044c09dbaa026cb7c262244
postgresql84-python-8.4.13-1.el5_8.i386.rpm
55126ff0c08bacbfc2bd369cc1c49aeb7764c87b2ff12290c312d37a06390e54
postgresql84-server-8.4.13-1.el5_8.i386.rpm
44e5cdf95596f2209a9029a3a8dfa1570735e79a102531af3a5f2be25970d1e8
postgresql84-tcl-8.4.13-1.el5_8.i386.rpm
a74252b2c78a2394b780b27c2e2d66a3d79d6229cd2960637e08276e00c11acf
postgresql84-test-8.4.13-1.el5_8.i386.rpm
x86_64:
6d9230649de46f3687cbf000732e2109dd2b2136faf2b68c8d79721642ecc253
postgresql84-8.4.13-1.el5_8.x86_64.rpm
43a28520d9d1a7d422c906e440fc4ef891b5ffbeed30be8241644af58f809876
postgresql84-contrib-8.4.13-1.el5_8.x86_64.rpm
4d5c4abb00cebbb39541b7cd76600f5a80db434a8aa4ddab9f6ee7583ec6fcd7
postgresql84-devel-8.4.13-1.el5_8.i386.rpm
97013abdb5077a5014052d7f034b0623bf54af6557c688c29bdcd93e6d5fa608
postgresql84-devel-8.4.13-1.el5_8.x86_64.rpm
598738867cb35aa53fbee4f76271612350d39d5f40e8937bba21385cfaed41bb
postgresql84-docs-8.4.13-1.el5_8.x86_64.rpm
63e70f6be7e7893dc4ef98acbee36e861e939d65e4226fa2c8b86378fa0b0dd7
postgresql84-libs-8.4.13-1.el5_8.i386.rpm
bc1742d5abf521239caab7cdd21bfde4d5c67554ac637c2d7303bff1b3d2fda8
postgresql84-libs-8.4.13-1.el5_8.x86_64.rpm
3f1d09825646d9982a46e6a4f8233280ee264bcbf63754f19318d2871bc1f09f
postgresql84-plperl-8.4.13-1.el5_8.x86_64.rpm
10b59948809e8328848899aaff0376e2804dab8c73c985e72244e6088008f027
postgresql84-plpython-8.4.13-1.el5_8.x86_64.rpm
95d4e109c2e696082b55e9960aa186da68c18d2ede24491e05a19573bf4dd308
postgresql84-pltcl-8.4.13-1.el5_8.x86_64.rpm
a4a0872566e69e2076a9504802df3379999f731b231aec5581b630dc15aa8fd8
postgresql84-python-8.4.13-1.el5_8.x86_64.rpm
ddd5202fb13cbc4c0002a7f98ba3aada21b375db9cd591cc885da11649af6b7a
postgresql84-server-8.4.13-1.el5_8.x86_64.rpm
09f08e46994ba077955be04edf452e419ae55db4eb989a5b81303c234f880250
postgresql84-tcl-8.4.13-1.el5_8.x86_64.rpm
b8b310a867ab5cdad9883432522b12c3101d08cb727f1f07f3a0fad66b11de19
postgresql84-test-8.4.13-1.el5_8.x86_64.rpm
Source:
8c2a1a6a357d4f92bb462694b6801f85a614d3ffbd39f48052120e6e9d118889
postgresql84-8.4.13-1.el5_8.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
Posljednje sigurnosne preporuke