U popularnom sustavu za upravljanje bazama podataka, programskom paketu PostgreSQL, otkriven je jedan sigurnosni propust. U dodatku "intarray" je otkriven propust u funkciji "gettoken" u datoteci "contrib/intarray/_int_bool.c" gdje dolazi do preljeva međuspremnika. Propust mogu iskoristiti udaljeni napadači pomoću cjelobrojnih brojeva s velikim brojem znamenki. Rezultat uspješnog napada je rušenje aplikacije (DoS napad) i pokretanje proizvoljnog programskog koda. Preporuča se korištenje najnovije inačice.
CentOS Errata and Security Advisory 2011:0197 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2011-0197.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
x86_64:
a28f6025ce6286b9d650373cc289dceb postgresql-8.1.23-1.el5_6.1.x86_64.rpm
e77211957616b5c81f475eb6f1c92e5b
postgresql-contrib-8.1.23-1.el5_6.1.x86_64.rpm
f914cb1abe4c4ce7e5d84d51dfe4c6c7 postgresql-devel-8.1.23-1.el5_6.1.i386.rpm
8b19b685c1dfb68202e684545015acca postgresql-devel-8.1.23-1.el5_6.1.x86_64.rpm
7647c0c9e59a212a3beb56f979012c59 postgresql-docs-8.1.23-1.el5_6.1.x86_64.rpm
c78df1197fdfe3b221481b1f1c6512a3 postgresql-libs-8.1.23-1.el5_6.1.i386.rpm
efdc5f748ab471a0e5256aed327e6b83 postgresql-libs-8.1.23-1.el5_6.1.x86_64.rpm
cc7dc394c68d01ec315645962b5644c2 postgresql-pl-8.1.23-1.el5_6.1.x86_64.rpm
64ecf2ac65d94f04c7b77f4766a03df1
postgresql-python-8.1.23-1.el5_6.1.x86_64.rpm
89dcbf68bbec48aff00aa049a23015aa
postgresql-server-8.1.23-1.el5_6.1.x86_64.rpm
3b57ed35524995e7496323d9ac39329a postgresql-tcl-8.1.23-1.el5_6.1.x86_64.rpm
a53ca1ebd04335ab83ed063573d21b6f postgresql-test-8.1.23-1.el5_6.1.x86_64.rpm
Source:
3417bc5a94cc3afa8018be4c9aa77829 postgresql-8.1.23-1.el5_6.1.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
CentOS Errata and Security Advisory 2011:0198 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2011-0198.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
x86_64:
8a6832e15f19c1f5158edfa8c207695d postgresql84-8.4.7-1.el5_6.1.x86_64.rpm
5a6b99eca71b6f723050ce41443af670
postgresql84-contrib-8.4.7-1.el5_6.1.x86_64.rpm
fc8acd4151ff9b817c06358cabb2cd1f postgresql84-devel-8.4.7-1.el5_6.1.i386.rpm
33b2ac4d2840dec7fb54626f4ef72074
postgresql84-devel-8.4.7-1.el5_6.1.x86_64.rpm
9c4c46db05999cefefcdb311bfffce1d postgresql84-docs-8.4.7-1.el5_6.1.x86_64.rpm
db7d3ab5cbbb0d1fcd8a2ef1577bbb68 postgresql84-libs-8.4.7-1.el5_6.1.i386.rpm
33af66ac112db8cc0049679e8c856818 postgresql84-libs-8.4.7-1.el5_6.1.x86_64.rpm
b6cf95c677c3fd2eca4b477e39cdf576
postgresql84-plperl-8.4.7-1.el5_6.1.x86_64.rpm
01b88e45e980abd770f2e590cebb415d
postgresql84-plpython-8.4.7-1.el5_6.1.x86_64.rpm
d70be5fd4bda0eff39c7d18d51eeab11
postgresql84-pltcl-8.4.7-1.el5_6.1.x86_64.rpm
50ce52d6716f0cda84402be15a018ff0
postgresql84-python-8.4.7-1.el5_6.1.x86_64.rpm
dc4350b89e61f5c5da3e0c14a0d2d521
postgresql84-server-8.4.7-1.el5_6.1.x86_64.rpm
c03f7e52bf0a278914a781d34f6ccbeb postgresql84-tcl-8.4.7-1.el5_6.1.x86_64.rpm
35ffb88f2785f4b07c5b027441cd8337 postgresql84-test-8.4.7-1.el5_6.1.x86_64.rpm
Source:
098b0ed74b5b5135a97dcc733fdecc06 postgresql84-8.4.7-1.el5_6.1.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
Posljednje sigurnosne preporuke