postgresql-9.2.23-3.el7

Errata ID: AXSA:2017-2464:03

Release date: Monday, December 11, 2017 - 12:00
Subject: postgresql-9.2.23-3.el7
Affected Channels: Asianux Server 7 for x86_64
Severity: Moderate
Description: 

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

* Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. (CVE-2017-12172, CVE-2017-15097)

Note: This patch drops the script privileges from root to the postgres user. Therefore, this update works properly only if the postgres user has write access to its home directory, as in the default configuration (/var/lib/pgsql).

Asianux would like to thank the PostgreSQL project for reporting CVE-2017-12172. The CVE-2017-15097 issue was discovered by Pedro Barbosa (Asianux) and the PostgreSQL project. Upstream acknowledges Antoine Scemama (Brainloop) as the original reporter of these issues.

CVE-2017-12172
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10,
9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs
under a non-root operating system account, and database superusers
have effective ability to run arbitrary code under that system
account. PostgreSQL provides a script for starting the database server
during system boot. Packages of PostgreSQL for many operating systems
provide their own, packager-authored startup implementations. Several
implementations use a log file name that the database superuser can
replace with a symbolic link. As root, they open(), chmod() and/or
chown() this log file name. This often suffices for the database
superuser to escalate to root privileges when root starts the server.
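
The note about the postgres home directory and the CVE-2017-12172 description above both depend on who controls the directory that holds the startup log. The shell helpers below are an added example, not code from the advisory or from the PostgreSQL packages; the function names and the STARTUP_LOG file name are assumptions, and /var/lib/pgsql is the default home directory the note mentions.

```shell
#!/bin/sh
# Added example, not part of the advisory: read-only audit helpers.
# Assumes a stat that supports -c (GNU coreutils or busybox).

# home_writable_by UID DIR
# Succeeds when DIR is a real directory (not a symlink) owned by UID with the
# owner-write bit set, which the advisory's note requires of the postgres user.
home_writable_by() {
    [ -d "$2" ] && [ ! -L "$2" ] || return 1
    [ "$(stat -c %u "$2")" = "$1" ] || return 1
    case $(stat -c %A "$2") in d?w*) return 0 ;; esac
    return 1
}

# log_path_status PATH RUN_UID
# Classifies the log path that a startup script running as RUN_UID would
# open(), chmod() or chown():
#   symlink  PATH is a symbolic link, so the script would act on its target
#   exposed  another account can replace PATH: the parent directory belongs
#            to a uid other than RUN_UID or root, or is group/other-writable
#   missing  the parent directory does not exist
#   ok       only RUN_UID or root controls the name
log_path_status() {
    path=$1 run_uid=$2
    if [ -L "$path" ]; then echo symlink; return 0; fi
    parent=$(dirname -- "$path")
    [ -d "$parent" ] || { echo missing; return 0; }
    owner=$(stat -c %u "$parent")
    case $(stat -c %A "$parent") in
        ?????w*|????????w*) echo exposed; return 0 ;;
    esac
    if [ "$owner" != "$run_uid" ] && [ "$owner" != 0 ]; then
        echo exposed; return 0
    fi
    echo ok
}

# Typical use (STARTUP_LOG is a placeholder for the file your script writes):
#   pg_uid=$(id -u postgres)
#   home_writable_by "$pg_uid" /var/lib/pgsql || echo "fix before updating"
#   log_path_status /var/lib/pgsql/STARTUP_LOG 0          # script runs as root
#   log_path_status /var/lib/pgsql/STARTUP_LOG "$pg_uid"  # after the update
```

When the directory is owned by postgres and is not group- or other-writable, the first call prints exposed and the second prints ok, which is the effect of dropping the script's privileges to the postgres user.
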
CVE-2017-15097
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. postgresql-9.2.23-3.el7.src.rpm
    Size: 35.93 MB

Asianux Server 7 for x86_64
  1. postgresql-9.2.23-3.el7.x86_64.rpm
    Size: 3.03 MB
  2. postgresql-contrib-9.2.23-3.el7.x86_64.rpm
    Size: 551.14 kB
  3. postgresql-devel-9.2.23-3.el7.x86_64.rpm
    Size: 950.81 kB
  4. postgresql-docs-9.2.23-3.el7.x86_64.rpm
    Size: 6.86 MB
  5. postgresql-libs-9.2.23-3.el7.x86_64.rpm
    Size: 232.71 kB
  6. postgresql-plperl-9.2.23-3.el7.x86_64.rpm
    Size: 82.26 kB
  7. postgresql-plpython-9.2.23-3.el7.x86_64.rpm
    Size: 95.20 kB
  8. postgresql-pltcl-9.2.23-3.el7.x86_64.rpm
    Size: 58.48 kB
  9. postgresql-server-9.2.23-3.el7.x86_64.rpm
    Size: 3.78 MB
  10. postgresql-test-9.2.23-3.el7.x86_64.rpm
    Size: 1.76 MB
  11. postgresql-9.2.23-3.el7.i686.rpm
    Size: 3.01 MB
  12. postgresql-devel-9.2.23-3.el7.i686.rpm
    Size: 944.80 kB
  13. postgresql-libs-9.2.23-3.el7.i686.rpm
    Size: 232.32 kB