postgresql 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1179063436
업데이트 : 2007.05.13
상세내용
8.0.13/8.2.4 update
CVE-2007-2138:
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before
7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows
remote authenticated users, when permitted to call a SECURITY DEFINER function,
to gain the privileges of the function owner, related to "search_path settings."
Autoupdates 지원 : Packages System
pkgadd -F postgresql*
update 패키지
RPMS :
. postgresql-8.0.13-1.i686.rpm
. postgresql-jdbc-8.0.13-1.i686.rpm
. postgresql-contrib-8.0.13-1.i686.rpm
. postgresql-libs-8.0.13-1.i686.rpm
. postgresql-devel-8.0.13-1.i686.rpm
. postgresql-pl-8.0.13-1.i686.rpm
. postgresql-devel-static-8.0.13-1.i686.rpm
. postgresql-python-8.0.13-1.i686.rpm
. postgresql-server-8.0.13-1.i686.rpm
. postgresql-8.2.4-1.i686.rpm
. postgresql-jdbc-8.2.4-1.i686.rpm
. postgresql-contrib-8.2.4-1.i686.rpm
. postgresql-libs-8.2.4-1.i686.rpm
. postgresql-devel-8.2.4-1.i686.rpm
. postgresql-pl-8.2.4-1.i686.rpm
. postgresql-devel-static-8.2.4-1.i686.rpm
. postgresql-python-8.2.4-1.i686.rpm
. postgresql-server-8.2.4-1.i686.rpm
SRPMS :
. postgresql-8.2.4-1.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138
|