PostgreSQL path_add() Buffer Overflow Vulnerability

Published: 2003-01-15
Updated: 2003-01-21

Affected systems:
PostgreSQL PostgreSQL 7.2.3
PostgreSQL PostgreSQL 7.2.2
PostgreSQL PostgreSQL 7.2
PostgreSQL PostgreSQL 7.1.3
PostgreSQL PostgreSQL 7.1.2
PostgreSQL PostgreSQL 7.1.1
PostgreSQL PostgreSQL 7.1
PostgreSQL PostgreSQL 7.0.3
PostgreSQL PostgreSQL 7.0.2
PostgreSQL PostgreSQL 7.0.1
PostgreSQL PostgreSQL 7.0
PostgreSQL PostgreSQL 6.5.3
PostgreSQL PostgreSQL 6.3.2
PostgreSQL PostgreSQL 7.2.1
    - Conectiva Linux 8.0
    - Debian Linux 3.0
    - SuSE Linux 7.3
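Description:
BUGTRAQ  ID: 6614
CVE(CAN) ID: CVE-2002-1401

PostgreSQL is an enhanced object-relational database management system that supports an extended subset of the SQL standard and runs on many operating systems.

The 'path_add()' function in PostgreSQL does not properly check user-supplied input. A local attacker can exploit this vulnerability to mount a buffer overflow attack and may be able to execute arbitrary instructions on the system as the PostgreSQL process.

The 'path_add()' function in 'src/backend/adt/utils/geo_ops.c' lacks proper buffer bounds checking on user-supplied strings. An overly long string can overwrite the program's instruction pointer, and carefully crafted input may allow execution of arbitrary instructions on the system as the PostgreSQL process.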

<*Source: Sir Mordred The Traitor (mordred@s-mail.com)
  
  Links: http://archives.postgresql.org/pgsql-hackers/2002-08/msg02047.php
        https://www.redhat.com/support/errata/RHSA-2003-001.html
        https://www.redhat.com/support/errata/RHSA-2003-010.html
        http://www.debian.org/security/2002/dsa-165
        http://www.suse.com/de/security/2002_038_postgresql.html
        http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000524
*>

Recommendation:
Vendor patches:

Conectiva
---------
Conectiva has released a security advisory (CLA-2002:524) and corresponding patches for this issue:
CLA-2002:524:postgresql
Link: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000524

Patch downloads:

ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/postgresql-7.0.3-11U60_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-clients-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-clients-X11-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-devel-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-devel-static-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-doc-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-jdbc-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-lib-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-odbc-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-perl-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-python-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-tcl-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/postgresql-test-7.0.3-11U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/postgresql-7.1.3-1U70_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-clients-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-clients-X11-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-contrib-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-devel-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-devel-static-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-doc-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-lib-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-odbc-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-perl-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-python-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-tcl-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/postgresql-test-7.1.3-1U70_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/postgresql-7.2.2-1U80_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-clients-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-clients-X11-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-contrib-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-devel-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-devel-static-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-doc-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-lib-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-odbc-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-perl-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-python-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-tcl-7.2.2-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/postgresql-test-7.2.2-1U80_2cl.i386.rpm

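Users of Conectiva Linux version 6.0 and later can update the RPM packages with apt:

- Add the following line to /etc/apt/sources.list:
  
rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates

(If you are not running version 6.0, replace 6.0 above with the appropriate version number)

- Run:                      apt-get update
- After the update, run:    apt-get upgrade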

Debian
------
Debian has released a security advisory (DSA-165-1) and corresponding patches for this issue:
DSA-165-1:New PostgreSQL packages fix several vulnerabilities
Link: http://www.debian.org/security/2002/dsa-165

Patch downloads:

Source archives:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2.dsc
Size/MD5 checksum:      898 0c0e93f2ccf5ce9facc4a465b6292cd8
http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2.diff.gz
Size/MD5 checksum:   156968 5f2ef24ed154bd4de57dc5726ac3cc86
http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3.orig.tar.gz
Size/MD5 checksum:  6833791 098d1ee4316500a2d033ced3ebd5b831

Architecture independent components:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql-doc_6.5.3-27.2_all.deb
Size/MD5 checksum:  2174496 79be7470e7ed11d31a42fc39c9a2d31c

Alpha architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_alpha.deb
Size/MD5 checksum:   881594 8e998e45147625c1193cdd2d76ce2180
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_alpha.deb
Size/MD5 checksum:    99800 de594d91602d7488e15b17c791177b3c
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_alpha.deb
Size/MD5 checksum:   105720 fb4db53673387a3d2316be3c2c712553
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_alpha.deb
Size/MD5 checksum:   263928 9236097a2fd2563f553eddc1837dcec0

ARM architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_arm.deb
Size/MD5 checksum:   722526 007e62202fdc2e90e035089dffd72b14
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_arm.deb
Size/MD5 checksum:    89978 fcf9df5c2492ab78004327e001ef2c1f
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_arm.deb
Size/MD5 checksum:    97820 01a66c480ee709733b28fe052f2c2374
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_arm.deb
Size/MD5 checksum:   239052 971adf428f0eb32f57e6ac028f653c2d

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_i386.deb
Size/MD5 checksum:   687334 8b448ec3a6c1e6cd52bca10b5cc48cc3
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_i386.deb
Size/MD5 checksum:    88128 4d3b874a135665ff355001fada0fddef
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_i386.deb
Size/MD5 checksum:    95942 0ebcebc831c984a7b18d61cbed5875a0
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_i386.deb
Size/MD5 checksum:   233256 a15449922f2ac541b2ef6c5d108c9e80

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_m68k.deb
Size/MD5 checksum:   648568 04bfd07630393444bf0fe0fe9cddec46
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_m68k.deb
Size/MD5 checksum:    83542 13ff333a8d436d4c35a9edbcf609c695
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_m68k.deb
Size/MD5 checksum:    95810 dbe390fa02b7e6fd8c851504e9ee038f
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_m68k.deb
Size/MD5 checksum:   231918 20a4eb3180cae532ecbcd0746606c324

PowerPC architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_powerpc.deb
Size/MD5 checksum:   730152 1e02e009522175777d1e07baadf19278
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_powerpc.deb
Size/MD5 checksum:    87736 3ebcf8ca5a0865b5098cd38a5bd21330
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_powerpc.deb
Size/MD5 checksum:    99108 f18306dbdc39f59fec68ebe698200b24
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_powerpc.deb
Size/MD5 checksum:   251990 c55b7e233046b78b82f14312b3bd7ef5

Sun Sparc architecture:


http://security.debian.org/pool/updates/main/p/postgresql/postgresql_6.5.3-27.2_sparc.deb
Size/MD5 checksum:   715944 7508c6790fa0a27d2c1f0e3aeee05a7a
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_6.5.3-27.2_sparc.deb
Size/MD5 checksum:    94714 764b44e5556ddf84f8bbabc76932d3f2
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_6.5.3-27.2_sparc.deb
Size/MD5 checksum:    99438 7f9e005d970e914886a796733e8fb9d7
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_6.5.3-27.2_sparc.deb
Size/MD5 checksum:   235090 412d135c6f5b2f811ca1829fc58971cc


Debian GNU/Linux 3.0 alias woody
--------------------------------

Source archives:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2.dsc
Size/MD5 checksum:      966 608f67b79934e98459ca278879f6b742
http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2.diff.gz
Size/MD5 checksum:   108324 c02c93a8b361d3da4c0703aeb68618ba
http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1.orig.tar.gz
Size/MD5 checksum:  9237680 d075e9c49135899645dff57bc58d6233

Architecture independent components:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql-doc_7.2.1-2woody2_all.deb
Size/MD5 checksum:  1962362 e881e3b62e524dcfd36fc20624939ab5

Alpha architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_alpha.deb
Size/MD5 checksum:  1816268 50ac206e7e3493b672014f6ecc70010d
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_alpha.deb
Size/MD5 checksum:   319026 130d19aee5351f6411c8af835ddbf7bc
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_alpha.deb
Size/MD5 checksum:   386660 ec7f4c9403549db4664722aea7e68f3d
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_alpha.deb
Size/MD5 checksum:   539598 426361b14677071337cda4782720b7e1

ARM architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_arm.deb
Size/MD5 checksum:  1599594 2bb62ee39fdb23117a668a42efbf61e0
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_arm.deb
Size/MD5 checksum:   284670 b570f4e391beba66b94bed46e238b210
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_arm.deb
Size/MD5 checksum:   340194 279f464364be344e21122cefbb409e49
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_arm.deb
Size/MD5 checksum:   509944 2997e961cad38ebaed1462885a33964e

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_i386.deb
Size/MD5 checksum:  1550462 57b8949853a7b1b85b91c40e0ff6f50f
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_i386.deb
Size/MD5 checksum:   280466 d0322e0e9297ed7f93e742c3a7c87e3e
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_i386.deb
Size/MD5 checksum:   329492 a499acbee40aee5044a9777f6f208cf0
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_i386.deb
Size/MD5 checksum:   495648 4cbe718afd5717d2b463a799a7963c48

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_ia64.deb
Size/MD5 checksum:  2091424 ae4a192a487d27d92365905e6b6a140c
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_ia64.deb
Size/MD5 checksum:   362760 2f369d4f74f31c0ee49f253ace0ba341
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_ia64.deb
Size/MD5 checksum:   434010 97aa15eaf45c8126455410832aace650
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_ia64.deb
Size/MD5 checksum:   554460 cc2b261cbc7d74395955787538ee1be4

HP Precision architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_hppa.deb
Size/MD5 checksum:  1825936 d4123b1fb38be1b5f590c7647ac67d09
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_hppa.deb
Size/MD5 checksum:   303976 2ed721a638cc122e9df2c7c8d9c3136c
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_hppa.deb
Size/MD5 checksum:   371292 eca7dda3a5770e9559431c91591bd011
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_hppa.deb
Size/MD5 checksum:   523432 39037260439d1a0e7657057081b025ac

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_m68k.deb
Size/MD5 checksum:  1582574 0821e366132154d678a265eb905fafea
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_m68k.deb
Size/MD5 checksum:   269228 4f0d8a52aab71f35ed927ecb8b459a04
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_m68k.deb
Size/MD5 checksum:   324506 defc39e7b301a0e8e3eaa31e95f44bd1
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_m68k.deb
Size/MD5 checksum:   489576 d0e07f1c808bcea4b079ee666af89e18

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_mips.deb
Size/MD5 checksum:  1749892 038f144371c532a7054310ebafc0fabf
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_mips.deb
Size/MD5 checksum:   293452 5f2933c441851dc091e5fd3689883333
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_mips.deb
Size/MD5 checksum:   343074 88123045ac6311fcaf75a04123d99a11
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_mips.deb
Size/MD5 checksum:   514694 87275f4241190fef029bd5550b1bc60f

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_mipsel.deb
Size/MD5 checksum:  1661496 549f289431252de4a3f568e70ea239aa
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_mipsel.deb
Size/MD5 checksum:   293778 cd3985f57d9146bf029e8b1341305ba3
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_mipsel.deb
Size/MD5 checksum:   342846 27b7dc830124cd7172da925d2cd41a28
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_mipsel.deb
Size/MD5 checksum:   511992 ce6368fcf94ea24f99b03ed966ae3a1b

PowerPC architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_powerpc.deb
Size/MD5 checksum:  1700298 110f547a75ef7e029cf0a85f6d0371b4
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_powerpc.deb
Size/MD5 checksum:   287804 89157efe96d18948dc2be1e3197c6ce8
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_powerpc.deb
Size/MD5 checksum:   341156 62010d6c0229a9be34dfadba6d596a27
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_powerpc.deb
Size/MD5 checksum:   510338 62a64b00fa3d6778684e9d09ea1a7184

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_s390.deb
Size/MD5 checksum:  1655658 338ea4946f02a733a5847fa21691a69b
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_s390.deb
Size/MD5 checksum:   281394 7d1dd1d5cc597d0a4cd3ce4fce711c1f
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_s390.deb
Size/MD5 checksum:   337208 cbecafbcf64329be5f1427c1dfd53611
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_s390.deb
Size/MD5 checksum:   500784 b96c9bc7ef7f7f6af453c97bc1847c3d

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/p/postgresql/postgresql_7.2.1-2woody2_sparc.deb
Size/MD5 checksum:  1671132 f7ce98738c9fffd61d249b25e85e64d4
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-client_7.2.1-2woody2_sparc.deb
Size/MD5 checksum:   288190 ed62e7c92a30fd818e4758ab5c37ceaa
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-contrib_7.2.1-2woody2_sparc.deb
Size/MD5 checksum:   370490 7416f29f108b2583a040c0211d2050ac
http://security.debian.org/pool/updates/main/p/postgresql/postgresql-dev_7.2.1-2woody2_sparc.deb
Size/MD5 checksum:   501558 8c0f2688e7cdc815c49b88a2772c3ceb


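Patch installation:

1. Install the patch packages manually:

  First, download the patch package with the following command:
  # wget url  (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch package)

2. Install the patch packages automatically with apt-get:

   First, update the internal database with the following command:
   # apt-get update
  
   Then install the updated packages with the following command:
   # apt-get upgrade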
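
For the manual route, the "Size/MD5 checksum" lines in the listing above can be checked against each downloaded file before running dpkg -i. The script below is an added example, not part of the original advisory; the function names, the sample file and the example.invalid URL are constructed for illustration. MD5 is the only digest the listing provides, so this check catches truncated or corrupted downloads.

```shell
#!/bin/sh
# Added example, not part of the advisory: check downloaded packages against
# the "Size/MD5 checksum" lines of the listing before running dpkg -i.

# verify_listing LISTING DIR
# LISTING uses the advisory's layout: a URL line, then
# "Size/MD5 checksum: <bytes> <md5hex>". Files not present in DIR are skipped.
# Returns 0 only if at least one file was checked and none mismatched.
verify_listing() {
    listing=$1
    dir=$2
    url=""
    checked=0
    failed=0
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            http://*|https://*|ftp://*)
                url=$line
                ;;
            "Size/MD5 checksum:"*)
                [ -n "$url" ] || continue
                # Fields: "Size/MD5" "checksum:" <bytes> <md5hex>
                read -r f1 f2 want_size want_md5 <<EOF
$line
EOF
                file=$dir/${url##*/}
                url=""
                [ -f "$file" ] || continue
                checked=$((checked + 1))
                have_size=$(wc -c < "$file" | tr -d ' ')
                have_md5=$(md5sum "$file" | cut -d' ' -f1)
                if [ "$have_size" = "$want_size" ] && [ "$have_md5" = "$want_md5" ]; then
                    echo "OK       ${file##*/}"
                else
                    echo "MISMATCH ${file##*/} (do not install)"
                    failed=$((failed + 1))
                fi
                ;;
        esac
    done < "$listing"
    [ "$checked" -gt 0 ] && [ "$failed" -eq 0 ]
}

# Constructed sample: a throwaway file stands in for a downloaded .deb, and
# example.invalid stands in for the mirror. Returns 0 if the intact file
# passes and a modified copy is rejected.
demo() {
    tmp=$(mktemp -d) || return 1
    printf 'constructed package body\n' > "$tmp/sample_1.0_all.deb"
    size=$(wc -c < "$tmp/sample_1.0_all.deb" | tr -d ' ')
    md5=$(md5sum "$tmp/sample_1.0_all.deb" | cut -d' ' -f1)
    printf '%s\n%s\n' "http://example.invalid/pool/sample_1.0_all.deb" \
        "Size/MD5 checksum:   $size $md5" > "$tmp/listing.txt"
    rc=0
    verify_listing "$tmp/listing.txt" "$tmp" || rc=1
    printf 'x' >> "$tmp/sample_1.0_all.deb"      # simulate a corrupted download
    if verify_listing "$tmp/listing.txt" "$tmp"; then rc=1; fi
    rm -rf "$tmp"
    return $rc
}

demo
```

Save the relevant part of the listing to a text file and run verify_listing on it with the download directory; install only the files reported as OK.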

RedHat
------
RedHat has released two security advisories (RHSA-2003:010-10 RHSA-2003:001-16) and corresponding patches for this issue:
RHSA-2003:010-10:Updated PostgreSQL packages fix buffer overrun vulnerabilities
Link: https://www.redhat.com/support/errata/RHSA-2003-010.html
RHSA-2003:001-16:Updated PostgreSQL packages fix security issues and bugs
Link: https://www.redhat.com/support/errata/RHSA-2003-001.html

Patch downloads:

Red Hat Upgrade postgresql-6.5.3-7.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/postgresql-6.5.3-7.3.i386.rpm

Red Hat Upgrade postgresql-python-6.5.3-7.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/postgresql-python-6.5.3-7.3.i386.rpm

Red Hat Upgrade postgresql-devel-6.5.3-7.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/postgresql-devel-6.5.3-7.3.i386.rpm

Red Hat Upgrade postgresql-server-6.5.3-7.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/postgresql-server-6.5.3-7.3.i386.rpm

Red Hat Upgrade postgresql-jdbc-6.5.3-7.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/postgresql-jdbc-6.5.3-7.3.i386.rpm

Red Hat Upgrade postgresql-tcl-6.5.3-7.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/postgresql-tcl-6.5.3-7.3.i386.rpm

Red Hat Upgrade postgresql-odbc-6.5.3-7.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/postgresql-odbc-6.5.3-7.3.i386.rpm

Red Hat Upgrade postgresql-test-6.5.3-7.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/postgresql-test-6.5.3-7.3.i386.rpm

Red Hat Upgrade postgresql-perl-6.5.3-7.3.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/postgresql-perl-6.5.3-7.3.i386.rpm

Red Hat Upgrade postgresql-7.0.2-18.2.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/postgresql-7.0.2-18.2.i386.rpm

Red Hat Upgrade postgresql-python-7.0.2-18.2.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/postgresql-python-7.0.2-18.2.i386.rpm

Red Hat Upgrade postgresql-devel-7.0.2-18.2.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/postgresql-devel-7.0.2-18.2.i386.rpm

Red Hat Upgrade postgresql-server-7.0.2-18.2.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/postgresql-server-7.0.2-18.2.i386.rpm

Red Hat Upgrade postgresql-jdbc-7.0.2-18.2.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/postgresql-jdbc-7.0.2-18.2.i386.rpm

Red Hat Upgrade postgresql-tcl-7.0.2-18.2.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/postgresql-tcl-7.0.2-18.2.i386.rpm

Red Hat Upgrade postgresql-odbc-7.0.2-18.2.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/postgresql-odbc-7.0.2-18.2.i386.rpm

Red Hat Upgrade postgresql-tk-7.0.2-18.2.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/postgresql-tk-7.0.2-18.2.i386.rpm

Red Hat Upgrade postgresql-perl-7.0.2-18.2.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/postgresql-perl-7.0.2-18.2.i386.rpm

Red Hat Upgrade postgresql-7.0.3-9.2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/postgresql-7.0.3-9.2.i386.rpm

Red Hat Upgrade postgresql-python-7.0.3-9.2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/postgresql-python-7.0.3-9.2.i386.rpm

Red Hat Upgrade postgresql-devel-7.0.3-9.2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/postgresql-devel-7.0.3-9.2.i386.rpm

Red Hat Upgrade postgresql-server-7.0.3-9.2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/postgresql-server-7.0.3-9.2.i386.rpm

Red Hat Upgrade postgresql-jdbc-7.0.3-9.2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/postgresql-jdbc-7.0.3-9.2.i386.rpm

Red Hat Upgrade postgresql-tcl-7.0.3-9.2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/postgresql-tcl-7.0.3-9.2.i386.rpm

Red Hat Upgrade postgresql-odbc-7.0.3-9.2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/postgresql-odbc-7.0.3-9.2.i386.rpm

Red Hat Upgrade postgresql-tk-7.0.3-9.2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/postgresql-tk-7.0.3-9.2.i386.rpm

Red Hat Upgrade postgresql-perl-7.0.3-9.2.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/postgresql-perl-7.0.3-9.2.i386.rpm

S.u.S.E.
--------
S.u.S.E. has released a security advisory (SuSE-SA:2002:038) and corresponding patches for this issue:
SuSE-SA:2002:038:postgresql
Link: http://www.suse.com/de/security/2002_038_postgresql.html

Patch downloads:

i386 Intel Platform:

SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap2/postgresql-libs-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap2/postgresql-libs-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-contrib-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-contrib-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-devel-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-devel-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-docs-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-docs-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-jdbc-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-jdbc-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-odbc-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-odbc-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-perl-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-perl-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-python-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-python-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-server-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-server-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-tcl-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-tcl-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-test-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-test-7.2-103.i386.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-tk-7.2-103.i386.patch.rpm
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap3/postgresql-tk-7.2-103.i386.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/postgresql-7.2-103.src.rpm

SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap2/postgresql-libs-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-contrib-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-devel-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-docs-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-jdbc-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-odbc-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-perl-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-python-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-server-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-tcl-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-test-7.1.3-116.i386.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/ap3/postgresql-tk-7.1.3-116.i386.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/postgresql-7.1.3-116.src.rpm


Sparc Platform:

Due to lack of resources new packages will be made available later without
any further notice.


AXP Alpha Platform:

Due to lack of resources new packages will be made available later without
any further notice.


PPC Power PC Platform:

SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap2/postgresql-libs-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-contrib-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-devel-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-docs-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-jdbc-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-odbc-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-perl-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-python-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-server-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-tcl-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-test-7.1.3-95.ppc.rpm
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/ap3/postgresql-tk-7.1.3-95.ppc.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/postgresql-7.1.3-95.src.rpm

SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-devel-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-jdbc-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-lib-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-odbc-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-perl-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-python-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-server-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-tcl-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-test-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap2/postgresql-tk-7.0.3-23.ppc.rpm
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap3/postgresql-7.0.3-23.ppc.rpm
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/postgresql-7.0.3-23.src.rpm



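Patch installation:

Install the files with the "rpm -Fhv file.rpm" command. When finished, if the rsync service is started from inetd, send a signal to the inetd process to restart it. If rsync was started with the "rsync --daemon" command, restart the rsync service with that command again.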

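This vulnerability entry was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.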