Security Advisory Moderate: postgresql security update

Advisory: RHSA-2008:0038-7
Type: Security Advisory
Severity: Moderate
Issued on: 2008-01-11
Last updated on: 2008-01-11
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20080038.xml
CVEs (cve.mitre.org): CVE-2007-3278
CVE-2007-4769
CVE-2007-4772
CVE-2007-6067
CVE-2007-6600
CVE-2007-6601

Details

Updated postgresql packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

PostgreSQL is an advanced Object-Relational database management system
(DBMS). The postgresql packages include the client programs and libraries
needed to access a PostgreSQL DBMS server.

Will Drewry discovered multiple flaws in PostgreSQL's regular expression
engine. An authenticated attacker could use these flaws to cause a denial
of service by causing the PostgreSQL server to crash, enter an infinite
loop, or use extensive CPU and memory resources while processing queries
containing specially crafted regular expressions. Applications that accept
regular expressions from untrusted sources may expose this problem to
unauthorized attackers. (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067)

A privilege escalation flaw was discovered in PostgreSQL. An authenticated
attacker could create an index function that would be executed with
administrator privileges during database maintenance tasks, such as
database vacuuming. (CVE-2007-6600)

A privilege escalation flaw was discovered in PostgreSQL's Database Link
library (dblink). An authenticated attacker could use dblink to possibly
escalate privileges on systems with "trust" or "ident" authentication
configured. Please note that dblink functionality is not enabled by
default, and can only by enabled by a database administrator on systems
with the postgresql-contrib package installed. (CVE-2007-3278,
CVE-2007-6601)

All postgresql users should upgrade to these updated packages, which
include PostgreSQL 7.4.19 and 8.1.11, and resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)
IA-32:
postgresql-devel-8.1.11-1.el5_1.1.i386.rpm     9f5e16d9e2d4aaf2abdbf69c6aac5c37
postgresql-pl-8.1.11-1.el5_1.1.i386.rpm     427dfc958021f5dfef0a89118d003623
postgresql-server-8.1.11-1.el5_1.1.i386.rpm     392e142e686f223c0a402059032ced14
postgresql-test-8.1.11-1.el5_1.1.i386.rpm     8916de8c89b8689cc1085e627eff85b6
 
x86_64:
postgresql-devel-8.1.11-1.el5_1.1.i386.rpm     9f5e16d9e2d4aaf2abdbf69c6aac5c37
postgresql-devel-8.1.11-1.el5_1.1.x86_64.rpm     1d89d3f92dd9bbaa039f4a93d3bdc6de
postgresql-pl-8.1.11-1.el5_1.1.x86_64.rpm     ad102dbe8f50bf8da3a82596d9a8a82c
postgresql-server-8.1.11-1.el5_1.1.x86_64.rpm     84ca45f7082f4efa73cb3913eea808cd
postgresql-test-8.1.11-1.el5_1.1.x86_64.rpm     859cb07ae1488245e16f9709703cbdc9
 
Red Hat Desktop (v. 4)
SRPMS:
postgresql-7.4.19-1.el4_6.1.src.rpm     67a3b7c3801d0375ecba2c8a02637824
 
IA-32:
postgresql-7.4.19-1.el4_6.1.i386.rpm     62559ac39a562a55b682fe902812756e
postgresql-contrib-7.4.19-1.el4_6.1.i386.rpm     532c45ca232d8b30e23dc48cea31e23f
postgresql-devel-7.4.19-1.el4_6.1.i386.rpm     de0a08685f3c1c24ea463abb39187559
postgresql-docs-7.4.19-1.el4_6.1.i386.rpm     c038d53938a6675e454f5e2125c14867
postgresql-jdbc-7.4.19-1.el4_6.1.i386.rpm     665e417d378c2c4613725d9bc57d325b
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-pl-7.4.19-1.el4_6.1.i386.rpm     d7f4e1d55451e95b6f1ee0f3e4dc15fc
postgresql-python-7.4.19-1.el4_6.1.i386.rpm     0fdfc971966aa258f5f4f60d4c03a0b7
postgresql-server-7.4.19-1.el4_6.1.i386.rpm     1268c6338420fdb0a278377ac00b3b3a
postgresql-tcl-7.4.19-1.el4_6.1.i386.rpm     136983a23016e1de06fb86b093e6a372
postgresql-test-7.4.19-1.el4_6.1.i386.rpm     af42af3663f6ac77f024d85732bd0627
 
x86_64:
postgresql-7.4.19-1.el4_6.1.x86_64.rpm     965b4e6d272bab2537a56a16e3b055c6
postgresql-contrib-7.4.19-1.el4_6.1.x86_64.rpm     8fdb2e855700cd3bcc93a3d9e666834d
postgresql-devel-7.4.19-1.el4_6.1.x86_64.rpm     777a81bba53a63fc3a232c50ecf363c4
postgresql-docs-7.4.19-1.el4_6.1.x86_64.rpm     30ac8beac4c9bc4a4071ec566d5760ad
postgresql-jdbc-7.4.19-1.el4_6.1.x86_64.rpm     bb438646d3e84a3f8fe207f934bcd1a7
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-libs-7.4.19-1.el4_6.1.x86_64.rpm     02b0ce9e55856a12566d36ae0858725d
postgresql-pl-7.4.19-1.el4_6.1.x86_64.rpm     a745aa7617931cdb22594c88b6de6116
postgresql-python-7.4.19-1.el4_6.1.x86_64.rpm     8fd9be23a7b1b2aece7b007c2e86d107
postgresql-server-7.4.19-1.el4_6.1.x86_64.rpm     ae2f4eec6a308026dad00198d8a4f1eb
postgresql-tcl-7.4.19-1.el4_6.1.x86_64.rpm     d423ae74537e582a5bb34fdbc6474162
postgresql-test-7.4.19-1.el4_6.1.x86_64.rpm     348bba254291c84773482e91d5c658ed
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
postgresql-8.1.11-1.el5_1.1.src.rpm     5eae5d61da4e8fef27eb9fd3a80d7982
 
IA-32:
postgresql-8.1.11-1.el5_1.1.i386.rpm     a00ec675e2fb394b2ac29b43a8a5e0a4
postgresql-contrib-8.1.11-1.el5_1.1.i386.rpm     f344ce9a4564180f687d1cdb700e3ea9
postgresql-devel-8.1.11-1.el5_1.1.i386.rpm     9f5e16d9e2d4aaf2abdbf69c6aac5c37
postgresql-docs-8.1.11-1.el5_1.1.i386.rpm     a5ff1c16023bac31164f9f2786d283b4
postgresql-libs-8.1.11-1.el5_1.1.i386.rpm     396e9512c057a47c5877e79b8752f714
postgresql-pl-8.1.11-1.el5_1.1.i386.rpm     427dfc958021f5dfef0a89118d003623
postgresql-python-8.1.11-1.el5_1.1.i386.rpm     9ad0e5e0421c47e464eac737c4258521
postgresql-server-8.1.11-1.el5_1.1.i386.rpm     392e142e686f223c0a402059032ced14
postgresql-tcl-8.1.11-1.el5_1.1.i386.rpm     8b753018f05a4b35e224ef75fe2bf99d
postgresql-test-8.1.11-1.el5_1.1.i386.rpm     8916de8c89b8689cc1085e627eff85b6
 
IA-64:
postgresql-8.1.11-1.el5_1.1.ia64.rpm     b0bb11b6fb8cbbc63596bb6a1752aac3
postgresql-contrib-8.1.11-1.el5_1.1.ia64.rpm     86f67a1881eaaaee710c8e4f90ffd25b
postgresql-devel-8.1.11-1.el5_1.1.ia64.rpm     46919f9fbfc717bd4377dc88a27e8e08
postgresql-docs-8.1.11-1.el5_1.1.ia64.rpm     cac4872eccbdc53baabf98e78062b42a
postgresql-libs-8.1.11-1.el5_1.1.i386.rpm     396e9512c057a47c5877e79b8752f714
postgresql-libs-8.1.11-1.el5_1.1.ia64.rpm     47c3517aa6dc4052c51a24c003f9e4ed
postgresql-pl-8.1.11-1.el5_1.1.ia64.rpm     295d79bb831c98ec9866015bc57ab102
postgresql-python-8.1.11-1.el5_1.1.ia64.rpm     778e36cc94a16719c48431ff9cb1e3f8
postgresql-server-8.1.11-1.el5_1.1.ia64.rpm     2ac2de901412f632ec918b298eb4a669
postgresql-tcl-8.1.11-1.el5_1.1.ia64.rpm     a3cc901087df762f6c2635d346e4c04f
postgresql-test-8.1.11-1.el5_1.1.ia64.rpm     d907980b8e1784a40f0951e580ed676f
 
PPC:
postgresql-8.1.11-1.el5_1.1.ppc.rpm     acd4dc842d762e8ac34ee7677918422c
postgresql-contrib-8.1.11-1.el5_1.1.ppc.rpm     06f68ab6f3a3a2fab9b0a6445fbd268c
postgresql-devel-8.1.11-1.el5_1.1.ppc.rpm     52b81a454f6e577783d83f7c8c805919
postgresql-devel-8.1.11-1.el5_1.1.ppc64.rpm     01b88742302b4efec7611b65eeb0dec2
postgresql-docs-8.1.11-1.el5_1.1.ppc.rpm     13b5c9d285fb05b11ad23994f3402df1
postgresql-libs-8.1.11-1.el5_1.1.ppc.rpm     46b2d5cc4a44070449bd65fe6f078909
postgresql-libs-8.1.11-1.el5_1.1.ppc64.rpm     c15fec8996ef3762317a24a274a71306
postgresql-pl-8.1.11-1.el5_1.1.ppc.rpm     4a280a25741d2a78209b150b3781a9b4
postgresql-python-8.1.11-1.el5_1.1.ppc.rpm     e4735d70460e23e63a6361a25a3d930f
postgresql-server-8.1.11-1.el5_1.1.ppc.rpm     9c4d3cbdc1c0ed0e51be07538f1fbd60
postgresql-tcl-8.1.11-1.el5_1.1.ppc.rpm     cc59524503f64d4a6d60cae7dcaa567e
postgresql-test-8.1.11-1.el5_1.1.ppc.rpm     d831b2ee0d9018d397a86b6617f7cb48
 
s390x:
postgresql-8.1.11-1.el5_1.1.s390x.rpm     983e0cc7bf8c7a6081bd3f485b9518d3
postgresql-contrib-8.1.11-1.el5_1.1.s390x.rpm     972e58113847e6cb1417a62bffbc044d
postgresql-devel-8.1.11-1.el5_1.1.s390.rpm     c362e0a966d50fccaec72eaea6fd4612
postgresql-devel-8.1.11-1.el5_1.1.s390x.rpm     ffaa640c459c1479d172362bbb16a44f
postgresql-docs-8.1.11-1.el5_1.1.s390x.rpm     ebe95adffa2febc15b9718efb7d6bfaa
postgresql-libs-8.1.11-1.el5_1.1.s390.rpm     1a1a31a52dd3cfd2d1f1695c404a5dfc
postgresql-libs-8.1.11-1.el5_1.1.s390x.rpm     59f5bf3c2556ce50cb445827f63c8a2d
postgresql-pl-8.1.11-1.el5_1.1.s390x.rpm     1b77d80b1f2c3a3ffc523133b701a520
postgresql-python-8.1.11-1.el5_1.1.s390x.rpm     b5b7068da3bb700c6e402a63bf71963d
postgresql-server-8.1.11-1.el5_1.1.s390x.rpm     2529d6cbc13cd1976a2e73ccf55b1054
postgresql-tcl-8.1.11-1.el5_1.1.s390x.rpm     3e4731312ed4248b771eb31559491e56
postgresql-test-8.1.11-1.el5_1.1.s390x.rpm     172b90360c2de1e756740726b26dafcb
 
x86_64:
postgresql-8.1.11-1.el5_1.1.x86_64.rpm     fe6ad92b749c3dc4ae8bb119cda38e73
postgresql-contrib-8.1.11-1.el5_1.1.x86_64.rpm     0751092dcf84dcd67d5d3e9cc029b5bd
postgresql-devel-8.1.11-1.el5_1.1.i386.rpm     9f5e16d9e2d4aaf2abdbf69c6aac5c37
postgresql-devel-8.1.11-1.el5_1.1.x86_64.rpm     1d89d3f92dd9bbaa039f4a93d3bdc6de
postgresql-docs-8.1.11-1.el5_1.1.x86_64.rpm     4cfe52f4de0e1f276d1c4eef51d407dc
postgresql-libs-8.1.11-1.el5_1.1.i386.rpm     396e9512c057a47c5877e79b8752f714
postgresql-libs-8.1.11-1.el5_1.1.x86_64.rpm     549ce0273c53aa19398c166761eef56e
postgresql-pl-8.1.11-1.el5_1.1.x86_64.rpm     ad102dbe8f50bf8da3a82596d9a8a82c
postgresql-python-8.1.11-1.el5_1.1.x86_64.rpm     156e3a7811a5bf42194116401e330494
postgresql-server-8.1.11-1.el5_1.1.x86_64.rpm     84ca45f7082f4efa73cb3913eea808cd
postgresql-tcl-8.1.11-1.el5_1.1.x86_64.rpm     8b47701da9b73b31a7171355f3bb0a30
postgresql-test-8.1.11-1.el5_1.1.x86_64.rpm     859cb07ae1488245e16f9709703cbdc9
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
postgresql-7.4.19-1.el4_6.1.src.rpm     67a3b7c3801d0375ecba2c8a02637824
 
IA-32:
postgresql-7.4.19-1.el4_6.1.i386.rpm     62559ac39a562a55b682fe902812756e
postgresql-contrib-7.4.19-1.el4_6.1.i386.rpm     532c45ca232d8b30e23dc48cea31e23f
postgresql-devel-7.4.19-1.el4_6.1.i386.rpm     de0a08685f3c1c24ea463abb39187559
postgresql-docs-7.4.19-1.el4_6.1.i386.rpm     c038d53938a6675e454f5e2125c14867
postgresql-jdbc-7.4.19-1.el4_6.1.i386.rpm     665e417d378c2c4613725d9bc57d325b
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-pl-7.4.19-1.el4_6.1.i386.rpm     d7f4e1d55451e95b6f1ee0f3e4dc15fc
postgresql-python-7.4.19-1.el4_6.1.i386.rpm     0fdfc971966aa258f5f4f60d4c03a0b7
postgresql-server-7.4.19-1.el4_6.1.i386.rpm     1268c6338420fdb0a278377ac00b3b3a
postgresql-tcl-7.4.19-1.el4_6.1.i386.rpm     136983a23016e1de06fb86b093e6a372
postgresql-test-7.4.19-1.el4_6.1.i386.rpm     af42af3663f6ac77f024d85732bd0627
 
IA-64:
postgresql-7.4.19-1.el4_6.1.ia64.rpm     88b34c6cdac99a4c3da5fd4c35ce3fc6
postgresql-contrib-7.4.19-1.el4_6.1.ia64.rpm     bfd11037ff4657c701b21e73f496806d
postgresql-devel-7.4.19-1.el4_6.1.ia64.rpm     13052c7abb0958151417a0c56e834de4
postgresql-docs-7.4.19-1.el4_6.1.ia64.rpm     b5336086680e46387208c253c64d1b7f
postgresql-jdbc-7.4.19-1.el4_6.1.ia64.rpm     2de3a094be02b82ebb170ded95527e0f
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-libs-7.4.19-1.el4_6.1.ia64.rpm     af4d6d9987c640398e40c61ba1a13843
postgresql-pl-7.4.19-1.el4_6.1.ia64.rpm     e72458000bbcc6dc209078c027aaf502
postgresql-python-7.4.19-1.el4_6.1.ia64.rpm     0ccd43e6b377ca718727a63de9623f1d
postgresql-server-7.4.19-1.el4_6.1.ia64.rpm     3487f765af5cbe0fe59aede983ae3cd2
postgresql-tcl-7.4.19-1.el4_6.1.ia64.rpm     7ae7d98622fa57264792857f06f10d73
postgresql-test-7.4.19-1.el4_6.1.ia64.rpm     6b668a129545c12ca5d9bbc26f11afd5
 
PPC:
postgresql-7.4.19-1.el4_6.1.ppc.rpm     d5e4dd49d2a3f4b73760c2e067453d09
postgresql-contrib-7.4.19-1.el4_6.1.ppc.rpm     9dbb1a84f2ab73a7f7aea8857b0e0337
postgresql-devel-7.4.19-1.el4_6.1.ppc.rpm     22c7625faedccc251f8b9bead18feb9e
postgresql-docs-7.4.19-1.el4_6.1.ppc.rpm     a769b42918710f3a92ee5d21badcbe50
postgresql-jdbc-7.4.19-1.el4_6.1.ppc.rpm     24eb10eaaa61c7bd64de75dcbdfa210f
postgresql-libs-7.4.19-1.el4_6.1.ppc.rpm     e2d4e65ea947d8f77c18498c41dc7379
postgresql-libs-7.4.19-1.el4_6.1.ppc64.rpm     87dc93fc32fb2f7e5ec8ec49694c21fa
postgresql-pl-7.4.19-1.el4_6.1.ppc.rpm     b0ca90b2bada323b2fe061de433add34
postgresql-python-7.4.19-1.el4_6.1.ppc.rpm     e76197ad86d9e8a702f735870d27e70f
postgresql-server-7.4.19-1.el4_6.1.ppc.rpm     d32d30de204d463a6d8eb96398c8935a
postgresql-tcl-7.4.19-1.el4_6.1.ppc.rpm     88393fcd4772f8de9741722da51ba17d
postgresql-test-7.4.19-1.el4_6.1.ppc.rpm     84559e34fcfb6aeee9e3450b315d1e25
 
s390:
postgresql-7.4.19-1.el4_6.1.s390.rpm     4843fe62d4cd5b11ad9dd1a4d98928da
postgresql-contrib-7.4.19-1.el4_6.1.s390.rpm     e37365484912c3ada2009f0cc9fef0dd
postgresql-devel-7.4.19-1.el4_6.1.s390.rpm     b4f6b505469a7600c904bc1da8d08f4f
postgresql-docs-7.4.19-1.el4_6.1.s390.rpm     5a3a98c53bd4c83134c7050a943bdb13
postgresql-jdbc-7.4.19-1.el4_6.1.s390.rpm     1f379a5fd8e4b7f3fec1fc8835831742
postgresql-libs-7.4.19-1.el4_6.1.s390.rpm     559099277c8f87a7ef8a511abc7ba55e
postgresql-pl-7.4.19-1.el4_6.1.s390.rpm     9592bf14ed8abb2a38c056f8180d5937
postgresql-python-7.4.19-1.el4_6.1.s390.rpm     e5370bec9ae7a6d85556e3a2de3693e3
postgresql-server-7.4.19-1.el4_6.1.s390.rpm     7c8cd69e2c0060d983c3522eb80010fd
postgresql-tcl-7.4.19-1.el4_6.1.s390.rpm     d9271ae4328c9f26f8ea74c1b30847ab
postgresql-test-7.4.19-1.el4_6.1.s390.rpm     d837992bfa4006bbc69a3b666bb82fca
 
s390x:
postgresql-7.4.19-1.el4_6.1.s390x.rpm     7808ab5555c7dba1565838a40648cb84
postgresql-contrib-7.4.19-1.el4_6.1.s390x.rpm     89b4f4c23dd804b263d865956b8aa80f
postgresql-devel-7.4.19-1.el4_6.1.s390x.rpm     eca05dfac3ad11830e149a4c8fb34754
postgresql-docs-7.4.19-1.el4_6.1.s390x.rpm     e5574f23a25162f65b2ab742932b262b
postgresql-jdbc-7.4.19-1.el4_6.1.s390x.rpm     e113286f23062799d2596ea896015072
postgresql-libs-7.4.19-1.el4_6.1.s390.rpm     559099277c8f87a7ef8a511abc7ba55e
postgresql-libs-7.4.19-1.el4_6.1.s390x.rpm     a8544c791e86dec845fdeb017f9a8024
postgresql-pl-7.4.19-1.el4_6.1.s390x.rpm     46ae5297c98faf8f8ed8b4b91b46a167
postgresql-python-7.4.19-1.el4_6.1.s390x.rpm     197fce3047db1f4c7955b6ab70abfdf8
postgresql-server-7.4.19-1.el4_6.1.s390x.rpm     07af64f8aaa8d1b4f5be3fd2246a3f5d
postgresql-tcl-7.4.19-1.el4_6.1.s390x.rpm     5da89299655a02fb06b9d7f74d594654
postgresql-test-7.4.19-1.el4_6.1.s390x.rpm     5581a971e17c4a907be1fcb2abae03e3
 
x86_64:
postgresql-7.4.19-1.el4_6.1.x86_64.rpm     965b4e6d272bab2537a56a16e3b055c6
postgresql-contrib-7.4.19-1.el4_6.1.x86_64.rpm     8fdb2e855700cd3bcc93a3d9e666834d
postgresql-devel-7.4.19-1.el4_6.1.x86_64.rpm     777a81bba53a63fc3a232c50ecf363c4
postgresql-docs-7.4.19-1.el4_6.1.x86_64.rpm     30ac8beac4c9bc4a4071ec566d5760ad
postgresql-jdbc-7.4.19-1.el4_6.1.x86_64.rpm     bb438646d3e84a3f8fe207f934bcd1a7
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-libs-7.4.19-1.el4_6.1.x86_64.rpm     02b0ce9e55856a12566d36ae0858725d
postgresql-pl-7.4.19-1.el4_6.1.x86_64.rpm     a745aa7617931cdb22594c88b6de6116
postgresql-python-7.4.19-1.el4_6.1.x86_64.rpm     8fd9be23a7b1b2aece7b007c2e86d107
postgresql-server-7.4.19-1.el4_6.1.x86_64.rpm     ae2f4eec6a308026dad00198d8a4f1eb
postgresql-tcl-7.4.19-1.el4_6.1.x86_64.rpm     d423ae74537e582a5bb34fdbc6474162
postgresql-test-7.4.19-1.el4_6.1.x86_64.rpm     348bba254291c84773482e91d5c658ed
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
postgresql-8.1.11-1.el5_1.1.src.rpm     5eae5d61da4e8fef27eb9fd3a80d7982
 
IA-32:
postgresql-8.1.11-1.el5_1.1.i386.rpm     a00ec675e2fb394b2ac29b43a8a5e0a4
postgresql-contrib-8.1.11-1.el5_1.1.i386.rpm     f344ce9a4564180f687d1cdb700e3ea9
postgresql-docs-8.1.11-1.el5_1.1.i386.rpm     a5ff1c16023bac31164f9f2786d283b4
postgresql-libs-8.1.11-1.el5_1.1.i386.rpm     396e9512c057a47c5877e79b8752f714
postgresql-python-8.1.11-1.el5_1.1.i386.rpm     9ad0e5e0421c47e464eac737c4258521
postgresql-tcl-8.1.11-1.el5_1.1.i386.rpm     8b753018f05a4b35e224ef75fe2bf99d
 
x86_64:
postgresql-8.1.11-1.el5_1.1.x86_64.rpm     fe6ad92b749c3dc4ae8bb119cda38e73
postgresql-contrib-8.1.11-1.el5_1.1.x86_64.rpm     0751092dcf84dcd67d5d3e9cc029b5bd
postgresql-docs-8.1.11-1.el5_1.1.x86_64.rpm     4cfe52f4de0e1f276d1c4eef51d407dc
postgresql-libs-8.1.11-1.el5_1.1.i386.rpm     396e9512c057a47c5877e79b8752f714
postgresql-libs-8.1.11-1.el5_1.1.x86_64.rpm     549ce0273c53aa19398c166761eef56e
postgresql-python-8.1.11-1.el5_1.1.x86_64.rpm     156e3a7811a5bf42194116401e330494
postgresql-tcl-8.1.11-1.el5_1.1.x86_64.rpm     8b47701da9b73b31a7171355f3bb0a30
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
postgresql-7.4.19-1.el4_6.1.src.rpm     67a3b7c3801d0375ecba2c8a02637824
 
IA-32:
postgresql-7.4.19-1.el4_6.1.i386.rpm     62559ac39a562a55b682fe902812756e
postgresql-contrib-7.4.19-1.el4_6.1.i386.rpm     532c45ca232d8b30e23dc48cea31e23f
postgresql-devel-7.4.19-1.el4_6.1.i386.rpm     de0a08685f3c1c24ea463abb39187559
postgresql-docs-7.4.19-1.el4_6.1.i386.rpm     c038d53938a6675e454f5e2125c14867
postgresql-jdbc-7.4.19-1.el4_6.1.i386.rpm     665e417d378c2c4613725d9bc57d325b
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-pl-7.4.19-1.el4_6.1.i386.rpm     d7f4e1d55451e95b6f1ee0f3e4dc15fc
postgresql-python-7.4.19-1.el4_6.1.i386.rpm     0fdfc971966aa258f5f4f60d4c03a0b7
postgresql-server-7.4.19-1.el4_6.1.i386.rpm     1268c6338420fdb0a278377ac00b3b3a
postgresql-tcl-7.4.19-1.el4_6.1.i386.rpm     136983a23016e1de06fb86b093e6a372
postgresql-test-7.4.19-1.el4_6.1.i386.rpm     af42af3663f6ac77f024d85732bd0627
 
IA-64:
postgresql-7.4.19-1.el4_6.1.ia64.rpm     88b34c6cdac99a4c3da5fd4c35ce3fc6
postgresql-contrib-7.4.19-1.el4_6.1.ia64.rpm     bfd11037ff4657c701b21e73f496806d
postgresql-devel-7.4.19-1.el4_6.1.ia64.rpm     13052c7abb0958151417a0c56e834de4
postgresql-docs-7.4.19-1.el4_6.1.ia64.rpm     b5336086680e46387208c253c64d1b7f
postgresql-jdbc-7.4.19-1.el4_6.1.ia64.rpm     2de3a094be02b82ebb170ded95527e0f
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-libs-7.4.19-1.el4_6.1.ia64.rpm     af4d6d9987c640398e40c61ba1a13843
postgresql-pl-7.4.19-1.el4_6.1.ia64.rpm     e72458000bbcc6dc209078c027aaf502
postgresql-python-7.4.19-1.el4_6.1.ia64.rpm     0ccd43e6b377ca718727a63de9623f1d
postgresql-server-7.4.19-1.el4_6.1.ia64.rpm     3487f765af5cbe0fe59aede983ae3cd2
postgresql-tcl-7.4.19-1.el4_6.1.ia64.rpm     7ae7d98622fa57264792857f06f10d73
postgresql-test-7.4.19-1.el4_6.1.ia64.rpm     6b668a129545c12ca5d9bbc26f11afd5
 
x86_64:
postgresql-7.4.19-1.el4_6.1.x86_64.rpm     965b4e6d272bab2537a56a16e3b055c6
postgresql-contrib-7.4.19-1.el4_6.1.x86_64.rpm     8fdb2e855700cd3bcc93a3d9e666834d
postgresql-devel-7.4.19-1.el4_6.1.x86_64.rpm     777a81bba53a63fc3a232c50ecf363c4
postgresql-docs-7.4.19-1.el4_6.1.x86_64.rpm     30ac8beac4c9bc4a4071ec566d5760ad
postgresql-jdbc-7.4.19-1.el4_6.1.x86_64.rpm     bb438646d3e84a3f8fe207f934bcd1a7
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-libs-7.4.19-1.el4_6.1.x86_64.rpm     02b0ce9e55856a12566d36ae0858725d
postgresql-pl-7.4.19-1.el4_6.1.x86_64.rpm     a745aa7617931cdb22594c88b6de6116
postgresql-python-7.4.19-1.el4_6.1.x86_64.rpm     8fd9be23a7b1b2aece7b007c2e86d107
postgresql-server-7.4.19-1.el4_6.1.x86_64.rpm     ae2f4eec6a308026dad00198d8a4f1eb
postgresql-tcl-7.4.19-1.el4_6.1.x86_64.rpm     d423ae74537e582a5bb34fdbc6474162
postgresql-test-7.4.19-1.el4_6.1.x86_64.rpm     348bba254291c84773482e91d5c658ed
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
postgresql-7.4.19-1.el4_6.1.src.rpm     67a3b7c3801d0375ecba2c8a02637824
 
IA-32:
postgresql-7.4.19-1.el4_6.1.i386.rpm     62559ac39a562a55b682fe902812756e
postgresql-contrib-7.4.19-1.el4_6.1.i386.rpm     532c45ca232d8b30e23dc48cea31e23f
postgresql-devel-7.4.19-1.el4_6.1.i386.rpm     de0a08685f3c1c24ea463abb39187559
postgresql-docs-7.4.19-1.el4_6.1.i386.rpm     c038d53938a6675e454f5e2125c14867
postgresql-jdbc-7.4.19-1.el4_6.1.i386.rpm     665e417d378c2c4613725d9bc57d325b
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-pl-7.4.19-1.el4_6.1.i386.rpm     d7f4e1d55451e95b6f1ee0f3e4dc15fc
postgresql-python-7.4.19-1.el4_6.1.i386.rpm     0fdfc971966aa258f5f4f60d4c03a0b7
postgresql-server-7.4.19-1.el4_6.1.i386.rpm     1268c6338420fdb0a278377ac00b3b3a
postgresql-tcl-7.4.19-1.el4_6.1.i386.rpm     136983a23016e1de06fb86b093e6a372
postgresql-test-7.4.19-1.el4_6.1.i386.rpm     af42af3663f6ac77f024d85732bd0627
 
IA-64:
postgresql-7.4.19-1.el4_6.1.ia64.rpm     88b34c6cdac99a4c3da5fd4c35ce3fc6
postgresql-contrib-7.4.19-1.el4_6.1.ia64.rpm     bfd11037ff4657c701b21e73f496806d
postgresql-devel-7.4.19-1.el4_6.1.ia64.rpm     13052c7abb0958151417a0c56e834de4
postgresql-docs-7.4.19-1.el4_6.1.ia64.rpm     b5336086680e46387208c253c64d1b7f
postgresql-jdbc-7.4.19-1.el4_6.1.ia64.rpm     2de3a094be02b82ebb170ded95527e0f
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-libs-7.4.19-1.el4_6.1.ia64.rpm     af4d6d9987c640398e40c61ba1a13843
postgresql-pl-7.4.19-1.el4_6.1.ia64.rpm     e72458000bbcc6dc209078c027aaf502
postgresql-python-7.4.19-1.el4_6.1.ia64.rpm     0ccd43e6b377ca718727a63de9623f1d
postgresql-server-7.4.19-1.el4_6.1.ia64.rpm     3487f765af5cbe0fe59aede983ae3cd2
postgresql-tcl-7.4.19-1.el4_6.1.ia64.rpm     7ae7d98622fa57264792857f06f10d73
postgresql-test-7.4.19-1.el4_6.1.ia64.rpm     6b668a129545c12ca5d9bbc26f11afd5
 
x86_64:
postgresql-7.4.19-1.el4_6.1.x86_64.rpm     965b4e6d272bab2537a56a16e3b055c6
postgresql-contrib-7.4.19-1.el4_6.1.x86_64.rpm     8fdb2e855700cd3bcc93a3d9e666834d
postgresql-devel-7.4.19-1.el4_6.1.x86_64.rpm     777a81bba53a63fc3a232c50ecf363c4
postgresql-docs-7.4.19-1.el4_6.1.x86_64.rpm     30ac8beac4c9bc4a4071ec566d5760ad
postgresql-jdbc-7.4.19-1.el4_6.1.x86_64.rpm     bb438646d3e84a3f8fe207f934bcd1a7
postgresql-libs-7.4.19-1.el4_6.1.i386.rpm     d39717ebc2946b1d198ea587fff2cf44
postgresql-libs-7.4.19-1.el4_6.1.x86_64.rpm     02b0ce9e55856a12566d36ae0858725d
postgresql-pl-7.4.19-1.el4_6.1.x86_64.rpm     a745aa7617931cdb22594c88b6de6116
postgresql-python-7.4.19-1.el4_6.1.x86_64.rpm     8fd9be23a7b1b2aece7b007c2e86d107
postgresql-server-7.4.19-1.el4_6.1.x86_64.rpm     ae2f4eec6a308026dad00198d8a4f1eb
postgresql-tcl-7.4.19-1.el4_6.1.x86_64.rpm     d423ae74537e582a5bb34fdbc6474162
postgresql-test-7.4.19-1.el4_6.1.x86_64.rpm     348bba254291c84773482e91d5c658ed
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

309141 - CVE-2007-3278 dblink allows proxying of database connections via 127.0.0.1
315231 - CVE-2007-4769 postgresql integer overflow in regex code
316511 - CVE-2007-4772 postgresql DoS via infinite loop in regex NFA optimization code
400931 - CVE-2007-6067 postgresql: tempory DoS caused by slow regex NFA cleanup
427127 - CVE-2007-6600 PostgreSQL privilege escalation
427128 - CVE-2007-6601 PostgreSQL privilege escalation via dblink


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/