Skip to navigation

Security Advisory Moderate: Red Hat Application Stack v2.3 security and enhancement update

Advisory: RHSA-2009:1067-1
Type: Security Advisory
Severity: Moderate
Issued on: 2009-05-26
Last updated on: 2009-05-26
Affected Products: Red Hat Application Stack v2
CVEs (cve.mitre.org): CVE-2008-3963
CVE-2008-4098
CVE-2009-0663
CVE-2009-0922
CVE-2009-1341

Details

Red Hat Application Stack v2.3 is now available. This update fixes several
security issues and adds various enhancements.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Red Hat Application Stack v2.3 is an integrated open source application
stack, that includes Red Hat Enterprise Linux 5 and JBoss Enterprise
Application Platform (EAP). JBoss EAP is provided through the JBoss EAP
channels on the Red Hat Network.

This update fixes the following security issues:

A heap-based buffer overflow flaw was discovered in the perl-DBD-Pg
pg_getline function implementation. If the pg_getline or getline functions
read large, untrusted records from a database, it could cause an
application using these functions to crash or, possibly, execute arbitrary
code. (CVE-2009-0663)

Note: After installing this update, pg_getline may return more data than
specified by its second argument, as this argument will be ignored. This is
consistent with current upstream behavior. Previously, the length limit
(the second argument) was not enforced, allowing a buffer overflow.

A memory leak flaw was found in the perl-DBD-Pg function performing the
de-quoting of BYTEA type values acquired from a database. An attacker able
to cause an application using perl-DBD-Pg to perform a large number of SQL
queries returning BYTEA records, could cause the application to use
excessive amounts of memory or, possibly, crash. (CVE-2009-1341)

MySQL was updated to version 5.0.79, fixing the following security issues:

A flaw was found in the way MySQL handles an empty bit-string literal. A
remote, authenticated attacker could crash the MySQL server daemon (mysqld)
if they used an empty bit-string literal in an SQL statement. This issue
only caused a temporary denial of service, as the MySQL daemon was
automatically restarted after the crash. (CVE-2008-3963)

It was discovered that the Red Hat Security Advisory RHSA-2008:0505, for
Red Hat Application Stack v2.1, provided an incomplete fix for the flaw
where MySQL did not correctly check directories used as arguments for the
DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an
authenticated attacker could elevate their access privileges to tables
created by other database users. Note: This attack does not work on
existing tables. An attacker can only elevate their access to another
user's tables as the tables are created. As well, the names of these
created tables need to be predicted correctly for this attack to succeed.
(CVE-2008-4098)

PostgreSQL was updated to version 8.2.13, fixing the following security
issue:

A flaw was found in the way PostgreSQL handles encoding conversion. A
remote, authenticated user could trigger an encoding conversion failure,
possibly leading to a temporary denial of service. (CVE-2009-0922)

Also, the following packages have been updated:

* httpd to 2.2.11
* mysql-connector-odbc to 3.51.27r695
* perl-DBD-MySQL to 4.010-1.el5s2
* php to 5.2.9
* postgresql-jdbc to 8.2.509
* postgresqlclient81 to 8.1.17

All users should upgrade to these updated packages, which resolve these
issues. Users must restart the individual services, including postgresql,
mysqld, and httpd, for this update to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Application Stack v2

SRPMS:
httpd-2.2.11-2.el5s2.src.rpm
File outdated by:  RHSA-2011:1369
    MD5: e34ab7875a323e9c77b3a42956dd3d35
mod_jk-1.2.28-2.el5s2.src.rpm     MD5: d2e1aeb88e340b8799bfe9b00c2ee107
perl-DBD-MySQL-4.010-1.el5s2.src.rpm
File outdated by:  RHSA-2009:1461
    MD5: 848fe92b4e3ee7a8e89619469d56c9ca
perl-DBD-Pg-1.49-5.el5s2.src.rpm     MD5: 4b84c71a14e58411228318d5e120af5f
php-5.2.9-2.el5s2.src.rpm
File outdated by:  RHSA-2012:0570
    MD5: 4cf042c01acd89c8a434d4bd63953b47
postgresql-8.2.13-2.el5s2.src.rpm
File outdated by:  RHSA-2009:1461
    MD5: 44105e4957b8fd6ab7fa060cd080587c
postgresql-jdbc-8.2.509-2jpp.el5s2.src.rpm
File outdated by:  RHSA-2009:1461
    MD5: 8d5fce8f4b89a385bb7c198be8db1616
postgresqlclient81-8.1.17-1.el5s2.src.rpm     MD5: 99b48a4a952690a7a55d741de449098a
 
IA-32:
httpd-2.2.11-2.el5s2.i386.rpm
File outdated by:  RHSA-2011:1369
    MD5: b14bc113d6dd2392dd7169a956aa2f77
httpd-devel-2.2.11-2.el5s2.i386.rpm
File outdated by:  RHSA-2011:1369
    MD5: 3666c068575cc2e2347abb7b9498a6ec
httpd-manual-2.2.11-2.el5s2.i386.rpm
File outdated by:  RHSA-2011:1369
    MD5: 88ebd0f44ff44842607ff284047962ce
mod_jk-ap20-1.2.28-2.el5s2.i386.rpm     MD5: 2e725ee8e2a2cfb683107ac68928e4f3
mod_ssl-2.2.11-2.el5s2.i386.rpm
File outdated by:  RHSA-2011:1369
    MD5: b49a73355f5e301af70eebc2255192cc
mysql-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: f3a44b18a14cea95b06847c86323ceb9
mysql-bench-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 94c81ae21238ddf3b5b62f32da561a2e
mysql-cluster-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 368cb2e77ddb9e1beefab63387d4dafe
mysql-connector-odbc-3.51.27r695-1.el5s2.i386.rpm     MD5: 39d818731dd087fb1d3e6412312908e2
mysql-devel-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 3fe3aa14e6b07176aee64db3e502a21c
mysql-libs-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 07995531b778b4be31006d7ba2edce09
mysql-server-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 85c7679fa8a091c4601f2c7efaa5c5c9
mysql-test-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: b80116b98be1bf22215d37ded59174b9
perl-DBD-MySQL-4.010-1.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: e8c3735374a60935b855172d095e1923
perl-DBD-Pg-1.49-5.el5s2.i386.rpm     MD5: 0d947e3ff83536ec84feb46e04e466f8
php-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 8b057da300652ce58479742c9e502516
php-bcmath-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 33ef67c03fc50af4257a0881f62f9cc6
php-cli-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 300ffa4ee3050b01fbd2ce13abfb48b3
php-common-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 92eaaba75a2b06e1e73871d24d2eb007
php-dba-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 3fe9f12987cbc83cb426a5888ce8e1a8
php-devel-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 9ba45ff80877ede5b776c549f7e4d7ea
php-gd-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 7d41fb41256e205b5ec2daa6b76e0daa
php-imap-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: befc63ae705edee0e3190abc36052a28
php-ldap-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 163b36577d443e29df266bec9da4e7da
php-mbstring-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: d59c3bceb91acb6b0042ac84f992fb56
php-mysql-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: e9d214fdadf936c948873188325e01c7
php-ncurses-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 1a2f9b37910c8c17cd637c46cd777494
php-odbc-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 6ea949a5bc1646da979bfa685a557247
php-pdo-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: c023a6ffe8a8337e59625a51ed8c07c3
php-pgsql-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 919a1ea9e5adc9990aade76ea0d455dd
php-snmp-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: dc2a13df8a8fcba131a79eea184162a4
php-soap-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: e3042e1b73728b047b16ddfd399ff3e1
php-xml-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: 50358f1f6cf9fe0995bff2fde1fd63fd
php-xmlrpc-5.2.9-2.el5s2.i386.rpm
File outdated by:  RHSA-2012:0570
    MD5: e4a828c0852f092cda9e09af40a5937f
postgresql-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: aeec23542304d05384018a4efa0313f6
postgresql-contrib-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 4d2d22017c590630325b981967f60e32
postgresql-devel-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 9d6840b5cdfe744b17772bbb79df0a7f
postgresql-docs-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 5d4729d2c57e4ea4523e81be7147bbcf
postgresql-jdbc-8.2.509-2jpp.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: e9cad54d9685ef08d5b3d6e646d64723
postgresql-libs-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: f68058f8404a027da26fefc17879785a
postgresql-plperl-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 6d48742927a85b3a5dad72ff2f9f3314
postgresql-plpython-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: fb89b447054a629f57fe6a6df39aad86
postgresql-pltcl-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: d505ca23299e7b65f3b12328affcd2f8
postgresql-python-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: c270340c0e45183a7bc7321009f5e4c0
postgresql-server-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 23969ed318ac8bf91a0d48f8a62cf62a
postgresql-tcl-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 8de15c85eabde0f01a6395ccf0348008
postgresql-test-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 59dd270fdae80b1b56491cc7adfe9629
postgresqlclient81-8.1.17-1.el5s2.i386.rpm     MD5: f3007e0641ba6dfbe8eed7dc5062fe69
 
x86_64:
httpd-2.2.11-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2011:1369
    MD5: 1c317f3dccceaea10df0de87740ef0df
httpd-devel-2.2.11-2.el5s2.i386.rpm
File outdated by:  RHSA-2011:1369
    MD5: 3666c068575cc2e2347abb7b9498a6ec
httpd-devel-2.2.11-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2011:1369
    MD5: 6f1592400c6b21f55491ede9e36e02f4
httpd-manual-2.2.11-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2011:1369
    MD5: 6940d5ea77ae0f8914b71002ce605a1c
mod_jk-ap20-1.2.28-2.el5s2.x86_64.rpm     MD5: 0e32a82900831def76d9dff47e879da8
mod_ssl-2.2.11-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2011:1369
    MD5: 877dce9ac7015a3d4198c5c07bab8f89
mysql-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: f3a44b18a14cea95b06847c86323ceb9
mysql-5.0.79-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: abbf5c3e6321f8d9aec0c6ec0ff6c2a8
mysql-bench-5.0.79-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: cb63b16f0bb5976d52afa06f28f2bbb0
mysql-cluster-5.0.79-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: 31c1f3a61f46a22a7113f8af7ecf2825
mysql-connector-odbc-3.51.27r695-1.el5s2.x86_64.rpm     MD5: 3f7a52fc8729c1e459c78e72d4bd83fc
mysql-devel-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 3fe3aa14e6b07176aee64db3e502a21c
mysql-devel-5.0.79-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: 7ded27c289cc5be4a516cf6773af119d
mysql-libs-5.0.79-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 07995531b778b4be31006d7ba2edce09
mysql-libs-5.0.79-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: 1715c784d38799c7429704c105911cba
mysql-server-5.0.79-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: 54af5faefe465afb1661142942523d20
mysql-test-5.0.79-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: c53ed4af36bce7c0506d4c90b6a688e2
perl-DBD-MySQL-4.010-1.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: f1d11c61badeb8236e921040cb0398e4
perl-DBD-Pg-1.49-5.el5s2.x86_64.rpm     MD5: 75ff29bfa53726599e6ea36c2e40271e
php-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: 50e3d317dea8ad19d39f88714c72b098
php-bcmath-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: 709b8482efac375b514c68f0295505f8
php-cli-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: fb29a231e71b76c8ede4ea5adba4a01d
php-common-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: c07a875e8926d6f3ca0368966b9a4fbd
php-dba-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: 53d2bfe8b80b2065d6b4fec5ffcf6f63
php-devel-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: 6d94a67d493a0d96de86776957f7ec29
php-gd-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: bdf8d3e6bc643a8142382b764afc205d
php-imap-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: bd030bd9e9c288746919e1e85c0e6186
php-ldap-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: e369882fffd4e7ad1787a8e834f13954
php-mbstring-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: b28ea227d210f3d5178ccdc2b051cff7
php-mysql-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: 2bfa27a2418ed3035dd2fde671039007
php-ncurses-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: e38a068a4e34bda307a43f8ec20c019d
php-odbc-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: 7b652440f17cfd3d0af65cfb0d78cc61
php-pdo-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: a8cac6ee3c16ec587e18d4caa55bd0a8
php-pgsql-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: c494c74bd8e4cf530dbeeabf3cb93ed0
php-snmp-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: 5b2be702594a073cb5085cceefd1e647
php-soap-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: 1147eef27ded4913ba80b305f5b45505
php-xml-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: fff047905c7e3800e7ac7273affff0ae
php-xmlrpc-5.2.9-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2012:0570
    MD5: 4f9f9a5a9e7ea5c39818ad3db95dfe69
postgresql-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: 7cb5d1b73f70e8915ec0a491586724c1
postgresql-contrib-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: d741bde506d328a45f6726de789a3731
postgresql-devel-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: 9d6840b5cdfe744b17772bbb79df0a7f
postgresql-devel-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: ba68b695e6f17e1808f9aad366d51b2a
postgresql-docs-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: c95e98430dfc0394257a1f417c75c84f
postgresql-jdbc-8.2.509-2jpp.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: 3699bedd85cc5a6bf1c56ac8de162015
postgresql-libs-8.2.13-2.el5s2.i386.rpm
File outdated by:  RHSA-2009:1461
    MD5: f68058f8404a027da26fefc17879785a
postgresql-libs-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: b29b84a21585c194a935a069e5b39347
postgresql-plperl-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: 2c17b0e4088f05a05e51b5458f0a2d52
postgresql-plpython-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: 4294a8932c5c3ae55ceddf39e2f6896e
postgresql-pltcl-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: a772d1d7816ceba6884163d59a799ee6
postgresql-python-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: aad3cefe6121f5b04dd730bb0b44990e
postgresql-server-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: f6ea86fcc54401f4387d8d41e8bdec74
postgresql-tcl-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: a46c6fff07d5316be900beaa88079abe
postgresql-test-8.2.13-2.el5s2.x86_64.rpm
File outdated by:  RHSA-2009:1461
    MD5: 1126d13ba77453657025f7ca17caa074
postgresqlclient81-8.1.17-1.el5s2.i386.rpm     MD5: f3007e0641ba6dfbe8eed7dc5062fe69
postgresqlclient81-8.1.17-1.el5s2.x86_64.rpm     MD5: 76f7c491f1d1b6f4a9418306a56414a6
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

454077 - CVE-2008-4098 mysql: incomplete upstream fix for CVE-2008-2079
462071 - CVE-2008-3963 MySQL: Using an empty binary value leads to server crash
488156 - CVE-2009-0922 postgresql: potential DoS due to conversion functions
497367 - CVE-2009-0663 perl-DBD-Pg: pg_getline buffer overflow
497503 - CVE-2009-1341 perl-DBD-Pg: dequote_bytea memory leak


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/