From martin.pitt@canonical.com Thu May 5 17:15:49 2005
From: Martin Pitt
To: ubuntu-security-announce@lists.ubuntu.com
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Date: Wed, 4 May 2005 16:57:46 +0200
Subject: [USN-118-1] PostgreSQL vulnerabilities

===========================================================
Ubuntu Security Notice USN-118-1               May 04, 2005
postgresql vulnerabilities
CAN-2005-1409, CAN-2005-1410
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

postgresql
postgresql-contrib

The problem can be corrected by upgrading the affected package to version 7.4.5-3ubuntu0.5 (for Ubuntu 4.10) and 7.4.7-2ubuntu2.1 (for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

It was discovered that unprivileged users were allowed to call internal character conversion functions. However, since these functions were not designed to be safe against malicious choices of argument values, this could potentially be exploited to execute arbitrary code with the privileges of the PostgreSQL server (user "postgres"). (CAN-2005-1409)

Another vulnerability was found in the "tsearch2" module of postgresql-contrib. This module declared several functions as internal, although they did not accept any internal argument; this breaks the type safety of "internal" by allowing users to construct SQL commands that invoke other functions accepting "internal" arguments. This could eventually be exploited to crash the server, or possibly even execute arbitrary code with the privileges of the PostgreSQL server. (CAN-2005-1410)

These vulnerabilities must also be fixed in all existing databases when upgrading.
The post-installation script of the updated package attempts to do this automatically; if the package installs without any error, all existing databases have been updated to be safe against above vulnerabilities. Should the installation fail, please contact the Ubuntu security team (security@ubuntu.com) immediately.

Updated packages for Ubuntu 4.10 (Warty Warthog):

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):
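
Because the notice says the fix must reach every existing database, a read-only catalog audit is a useful check after the upgrade. The queries below are an added example, not part of the original notice or of the Ubuntu package; they assume that "declared as internal" refers to the function's return type and that a function accepting an "internal" argument cannot be called directly from SQL, and the column aliases are arbitrary.

```sql
-- Added audit example (not from the advisory). Read-only; run it in each
-- database of the cluster, because pg_proc is a per-database catalog.

-- 1. Functions that return "internal" but accept no "internal" argument,
--    the misdeclaration described for tsearch2 (CAN-2005-1410).
--    Expected result on a corrected database: no rows.
--    Caveat: the LIKE test is textual, so an argument type whose name merely
--    contains "internal" would hide a function from this list.
SELECT n.nspname                     AS schema_name,
       p.proname                     AS function_name,
       oidvectortypes(p.proargtypes) AS argument_types
FROM pg_catalog.pg_proc p
JOIN pg_catalog.pg_namespace n ON n.oid = p.pronamespace
WHERE p.prorettype = 'internal'::regtype
  AND oidvectortypes(p.proargtypes) NOT LIKE '%internal%'
ORDER BY n.nspname, p.proname;

-- 2. Character conversion functions and whether their signature carries an
--    "internal" argument (CAN-2005-1409). Assumption: a row with
--    has_internal_arg = false is a conversion function that an ordinary
--    user could still invoke directly with arbitrary argument values.
SELECT c.conname                     AS conversion_name,
       p.proname                     AS function_name,
       oidvectortypes(p.proargtypes) AS argument_types,
       oidvectortypes(p.proargtypes) LIKE '%internal%' AS has_internal_arg
FROM pg_catalog.pg_conversion c
JOIN pg_catalog.pg_proc p ON p.oid = c.conproc::oid
ORDER BY has_internal_arg, c.conname;
```

Rows from the first query, or rows with has_internal_arg = false in the second, mean that database was not corrected and should be reported as the notice describes.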