Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

PostgreSQL To_Ascii() Buffer Overflow Vulnerability

Solution:
Turbolinux have released an advisory (TLSA-2003-62) to address this issue. Users who are potentially affected by this vulnerability are advised to apply relative fixes as soon as possible. Further information regarding obtaining and applying these fixes can be found in the referenced advisory.

Conectiva has released an advisory (CLA-2003:784) that addresses this issue on Conectiva Linux systems. Users who are potentially affected by this vulnerability are advised to apply appropriate fixes as soon as possible. Further information pertaining to applying these fixes can be found in the referenced advisory. Fixes are linked below.

Red Hat has released an advisory (RHSA-2003:314-08) that addresses this issue on Red Hat Enterprise edition Linux. Customers who are potentially affected by this vulnerability are advised to apply appropriate fixes as soon as possible. Customers can download these fixes from the Red Hat network; further information is available in the referenced advisory.

OpenPKG has released an advisory that provides fixes for OpenPKG 1.2 and CURRENT. postgresql-7.3.4-20030725 addresses the issue in CURRENT and postgresql-7.3.1-1.2.4 was released to address the issue in version 1.2. Please see the attached advisory for more details.

Mandrake has released an advisory (MDKSA-2003:102) to address this issue. Please see the attached advisory for details.

Debian has issued an advisory (DSA 397-1) and fixes. The advisory is linked to in the reference section of this record.

Red Hat has released an advisory (RHSA-2003:313-00) that addresses this issue. Users who are potentially affected by this vulnerability are advised to apply appropriate fixes as soon as possible. Information on how to obtain and apply these fixes can be found in the attached advisory.

An advisory has been released for Trustix Secure Linux (TSLSA-2003-0040) that includes updates for this issue. Please see the attached advisory for details on obtaining and applying updates.

SGI has released an advisory (20031101-01-U) pertaining to their ProPack Linux distribution. The advisory has been released in response to a number of RHSA advisories, and includes a patch (Patch 10032) containing updated RPM packages relating to a number of different BIDS.

Patch 10032 can be obtained via the following link:
http://support.sgi.com/

For information regarding how to obtain individual RPM packages included in Patch 10032, please see the attached advisory.

The vendor has released an upgrade to address this issue:


Turbolinux Turbolinux Desktop 10.0

PostgreSQL PostgreSQL 7.1.3

PostgreSQL PostgreSQL 7.2

PostgreSQL PostgreSQL 7.2.1

PostgreSQL PostgreSQL 7.2.2

PostgreSQL PostgreSQL 7.2.3

PostgreSQL PostgreSQL 7.2.4

PostgreSQL PostgreSQL 7.3

PostgreSQL PostgreSQL 7.3.1

PostgreSQL PostgreSQL 7.3.2

PostgreSQL PostgreSQL 7.3.3







 

Privacy Statement
Copyright 2008, SecurityFocus