---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports. http://secunia.com/secunia_security_specialist/ ---------------------------------------------------------------------- TITLE: SUSE update for postgresql SECUNIA ADVISORY ID: SA20555 VERIFY ADVISORY: http://secunia.com/advisories/20555/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: >From remote OPERATING SYSTEM: SUSE Linux 10 http://secunia.com/product/6221/ SuSE Linux 9.1 http://secunia.com/product/3473/ SUSE Linux 9.2 http://secunia.com/product/4258/ SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ DESCRIPTION: SUSE has issued an update for postgresql. This fixes two vulnerabilities, which potentially can be exploited by malicious people to conduct SQL injection attacks. For more information: SA20231 SOLUTION: Apply updated packages. -- x86 Platform -- SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/postgresql-8.0.8-0.2.i586.rpm 923404a774e7cabec9df64c62da88a27 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/postgresql-contrib-8.0.8-0.2.i586.rpm 85b25723f9d67a70b04e0ce3811cc85c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/postgresql-devel-8.0.8-0.2.i586.rpm 50e5a977ed8b9120768bc5e603961f98 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/postgresql-docs-8.0.8-0.2.i586.rpm e45faf70ef7def2aade7b94ba89bd864 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/postgresql-libs-8.0.8-0.2.i586.rpm 36b5719ca00eaf3cddb4c2d506d1d2fa ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/postgresql-pl-8.0.8-0.2.i586.rpm 318081f3601d5f7baf872c94b104b2fc ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/postgresql-server-8.0.8-0.2.i586.rpm 05d154dcc296a9c7e956e9138a312108 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-8.0.8-0.2.i586.rpm a260aec2aef3ea77694a76a0201044ae ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-contrib-8.0.8-0.2.i586.rpm 37b5114bbbb78f6e80ffb1b89401e8da ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-devel-8.0.8-0.2.i586.rpm a61d1e17cd2ccc61f6b4975520ab7e9f ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-docs-8.0.8-0.2.i586.rpm 841b0470d29b9170b18bbfbaafe41435 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-libs-8.0.8-0.2.i586.rpm 78ef824e90a62d24d6bb2deaa9b74ab9 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-pl-8.0.8-0.2.i586.rpm 733a5aa1b89477c2011910d0fa72e166 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-server-8.0.8-0.2.i586.rpm f688fedcc332b893e0ac9e5154d977c1 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-7.4.13-0.2.i586.rpm ea88d118184c182bfacb7544d48f34c6 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-contrib-7.4.13-0.2.i586.rpm ce7b90c42fb477b97c0dbc64c147b5e0 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-devel-7.4.13-0.2.i586.rpm 1bcfeb756fe5c5d5e347a5ff4ccf84fe ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-docs-7.4.13-0.2.i586.rpm 890c3a7ced118229ec9bc640cb057800 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-libs-7.4.13-0.2.i586.rpm b7ec99237d6fe4e8682c78f7a8bcdb63 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-pl-7.4.13-0.2.i586.rpm 96a4e10fee0a465819a07ee2e89b03e2 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-server-7.4.13-0.2.i586.rpm 5ca65525e7d340e4e98a3a59dac1cbe3 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-7.4.13-0.4.i586.rpm 34eed42fd77148c86ec86c086a18af0d ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-contrib-7.4.13-0.4.i586.rpm e05064dbdfba0a0a0ca43b745f2a6402 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-devel-7.4.13-0.4.i586.rpm 8ecb634c77035ccac12cee347c632f99 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-docs-7.4.13-0.4.i586.rpm f3ac880c647474f1bee6c72fec75b550 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-libs-7.4.13-0.4.i586.rpm 92e1ed36148af0b98691296b5f20074d ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-pl-7.4.13-0.4.i586.rpm 76c494f41f4cc6d31d181c0d672b85db ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-server-7.4.13-0.4.i586.rpm 77dddc495feae1c6b0f926b0169585af ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/i586/postgresql-libs-32bit-9.1-200605310116.i586.rpm e1def686b4da15034ecdba05ae52d317 -- Power PC Platform -- SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/postgresql-8.0.8-0.2.ppc.rpm 1f0d19658278ce363a02f34c8408badc ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/postgresql-contrib-8.0.8-0.2.ppc.rpm ab128f5681367e3260f28007f1eb223b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/postgresql-devel-8.0.8-0.2.ppc.rpm 4934796258b5095bde35d82dcce8400e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/postgresql-docs-8.0.8-0.2.ppc.rpm c6ed5f891260a707ff34d2c0d6bc8dd5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/postgresql-libs-64bit-8.0.8-0.2.ppc.rpm 11eae2961bc6806c81144f980cf47c26 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/postgresql-libs-8.0.8-0.2.ppc.rpm 84d1d74b1be2fa9bc3814347e48d666a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/postgresql-pl-8.0.8-0.2.ppc.rpm 7c2091e7324d055d584d18de5d016b02 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/postgresql-server-8.0.8-0.2.ppc.rpm 565f8479ac8b992cc6dee514d009c6a0 -- ppc64 -- SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc64/postgresql-8.0.8-0.2.ppc64.rpm a16b451535c8a819814fc0081a6a3855 -- x86-64 Platform -- SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/postgresql-8.0.8-0.2.x86_64.rpm aeae0da5a394b4c24d8cda8560f18dbb ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/postgresql-contrib-8.0.8-0.2.x86_64.rpm 10e6615d3c4648b9cc9d0c69e10a5e23 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/postgresql-devel-8.0.8-0.2.x86_64.rpm 42fa8a74543ba2dc5983829e87f9cf03 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/postgresql-docs-8.0.8-0.2.x86_64.rpm f39ed20c68895151c7540224bfa733e5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/postgresql-libs-32bit-8.0.8-0.2.x86_64.rpm 694a1886b2d287fe91b7182d5d9a6cd2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/postgresql-libs-8.0.8-0.2.x86_64.rpm 07a3202ef0840ebd64c797570ad37959 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/postgresql-pl-8.0.8-0.2.x86_64.rpm d16750bdb4d6c7c8c9a4d770db05224f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/postgresql-server-8.0.8-0.2.x86_64.rpm f16b518aa08e10c7afea31b294cfc778 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-8.0.8-0.2.x86_64.rpm 3e1d2b7a5f48312f45629ef1e2aca09e ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-contrib-8.0.8-0.2.x86_64.rpm c93b8d25d8c1c8d3ff71330148b0bfe1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-devel-8.0.8-0.2.x86_64.rpm 7282ec73b022c0a64df4131449ffa03e ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-docs-8.0.8-0.2.x86_64.rpm 6555bbcb2dece1509ce34689e6866089 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-libs-32bit-9.3-7.3.x86_64.rpm b3bb611cbe68ca215f5dddad9c5427a6 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-libs-8.0.8-0.2.x86_64.rpm 01e3fa4fe1de5c07c923f86b8b6edfe1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-pl-8.0.8-0.2.x86_64.rpm b19f8062671374939259f1a283736622 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-server-8.0.8-0.2.x86_64.rpm 691e3d79c8fd58acd3e754b3ac3085b1 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-7.4.13-0.2.x86_64.rpm e4b11cc66197cf5f186f07ee9928e66e ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-contrib-7.4.13-0.2.x86_64.rpm c6b41d5cbf22749909f787a4618037da ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-devel-7.4.13-0.2.x86_64.rpm 1f0119c73b50f3a5da6d31e2eea35369 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-docs-7.4.13-0.2.x86_64.rpm 9a8f7959d081395e312ca02a8a7a5fc3 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-libs-32bit-9.2-200605301412.x86_64.rpm 2ddf607af4ce09f4269cbca02ec03a7d ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-libs-7.4.13-0.2.x86_64.rpm 272ef016cd23ae673b803b5767a1554c ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-pl-7.4.13-0.2.x86_64.rpm 51523699fb995488a1dbded7eb5fe2cc ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-server-7.4.13-0.2.x86_64.rpm 897a20ab9ea122d43f89567e485ff500 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-7.4.13-0.4.x86_64.rpm a38b622178a32cdd06233c842327295d ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-contrib-7.4.13-0.4.x86_64.rpm 085aab7d5729e3f27dbab7fb9e420254 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-devel-7.4.13-0.4.x86_64.rpm 4691be0aa24c42eeaa50c092353bd6f4 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-docs-7.4.13-0.4.x86_64.rpm 5bc0a01514247c29c765b3c8938c795d ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-libs-7.4.13-0.4.x86_64.rpm c12dc2877ec65c6a3f988b51157b5ab7 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-pl-7.4.13-0.4.x86_64.rpm 83fa45b8a322910a38f071e9bd0d9031 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-server-7.4.13-0.4.x86_64.rpm 79ad3926185107da714ab3754aa889e7 -- Sources -- SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/postgresql-8.0.8-0.2.src.rpm 361ca18474faf36146a84236618afaf2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/postgresql-pl-8.0.8-0.2.nosrc.rpm 5a7a5a8af3c4bc930300c908413d8fe0 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/postgresql-8.0.8-0.2.src.rpm 384b25b835cfd3990395967571ae2b05 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/postgresql-pl-8.0.8-0.2.nosrc.rpm a1155e3cadf7907178c57fc20a3b2aa1 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/postgresql-7.4.13-0.2.src.rpm 186111c9f577a1583725aef28da96636 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/postgresql-pl-7.4.13-0.2.nosrc.rpm fb124cb2d1424d21035040847423e7b6 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/postgresql-7.4.13-0.4.src.rpm 7a76decace79f6dcb7d183f461626b2e ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/postgresql-pl-7.4.13-0.4.nosrc.rpm 4739e9d6fee0bee6934be76870d4ce51 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/postgresql-7.4.13-0.4.src.rpm 7fadd3d1bed3c30759d94af7cd924800 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/postgresql-pl-7.4.13-0.4.nosrc.rpm a357ff94aec54e5ebb08c7fd758fbdeb -- Packages from the maintenance web -- SUSE SLES 9: http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/da59db7f50aac32f6bd1b258f6e09652.html ORIGINAL ADVISORY: http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html OTHER REFERENCES: SA20231: http://secunia.com/advisories/20231/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------