postgresql-9.2.24-9.el7
エラータID: AXSA:2023-6988:06
リリース日:
2023/12/14 Thursday - 05:13
題名:
postgresql-9.2.24-9.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- PostgreSQL には、SQL の配列変数の更新処理における整数
オーバーフローの問題があるため、認証されたリモートの攻撃者
により、細工されたデータを介して、任意のコードの実行を可能
とする脆弱性が存在します。(CVE-2023-5869)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-5869
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.
追加情報:
N/A
ダウンロード:
SRPMS
- postgresql-9.2.24-9.el7.src.rpm
MD5: d0060bb7c327f7334276b862aa092624
SHA-256: e3f03099a951868030cd04f6d31cd425df7f8cb5eb9fe50b7556e6323ddda91a
Size: 35.99 MB
Asianux Server 7 for x86_64
- postgresql-9.2.24-9.el7.i686.rpm
MD5: b3b33945252a44949c14b0cacfdc42e5
SHA-256: 962ce0187b290c2c248065de5995887f7d06de5e8fe8c3031923429e91a4f00b
Size: 3.02 MB - postgresql-9.2.24-9.el7.x86_64.rpm
MD5: bf407c66f0a57237ba9743a89b0b9b4e
SHA-256: 071dfb700aeaa3459713096583e608740d0e1ad803106cad077922ab01cf4318
Size: 3.03 MB - postgresql-contrib-9.2.24-9.el7.x86_64.rpm
MD5: 93090b85118be8a6e3d1a000a9f5fb2a
SHA-256: 41ed30c1d055c21e03a8d338f893e50f0ef0a7301ab78710dc206390561f68cc
Size: 551.82 kB - postgresql-devel-9.2.24-9.el7.i686.rpm
MD5: 800e5be824091f26960d0a11022526ab
SHA-256: 8a91d50748f016b95d65b63d60f492f4519ba381e49e4bb72e123ab0ce136904
Size: 955.19 kB - postgresql-devel-9.2.24-9.el7.x86_64.rpm
MD5: 99172ead4fa69038d4fb33e15e0585d3
SHA-256: 388af554e044bb64063173755d753e75378c27430829252ec9641dfed4378a43
Size: 960.87 kB - postgresql-docs-9.2.24-9.el7.x86_64.rpm
MD5: 8ec67ac7248162ce76dda9f80b1d5543
SHA-256: ab86d889d98c16c1cb1c55b5b197d325504b617c2b31da465dbd7f798771bfd6
Size: 6.87 MB - postgresql-libs-9.2.24-9.el7.i686.rpm
MD5: 4c87d18578d62fb309e8cbb8042e7ac9
SHA-256: 8a67a671e0b48949f7e4147a4de0eed4c61603a1477342c74539e31c1195db42
Size: 234.08 kB - postgresql-libs-9.2.24-9.el7.x86_64.rpm
MD5: 024e401ee77db12df669dc1482d3185d
SHA-256: 28ee5f6a01e0d9facdb14a38faedf1a703bf9184b4a387afa9adef8deed9e590
Size: 233.91 kB - postgresql-plperl-9.2.24-9.el7.x86_64.rpm
MD5: 35edff9be37233617e35ddb1e3fafb06
SHA-256: 265aac7860becacf0951fb29df6ed49a2142dd4ec9e955fec5a804baa2bd9c35
Size: 83.12 kB - postgresql-plpython-9.2.24-9.el7.x86_64.rpm
MD5: 04c9b383351d5dd4a8a3f6d49544db7e
SHA-256: 99b12efcb1d510b5919364c08cc50572ec60a69d80793b9cdfd4310860134539
Size: 96.03 kB - postgresql-pltcl-9.2.24-9.el7.x86_64.rpm
MD5: eec82708debc27d8461c16b5f81b2e46
SHA-256: f1f9aee6c4a40e52c2d52c9ac344f420f7b4189c30ec8bc83306accbbb24340a
Size: 59.33 kB - postgresql-server-9.2.24-9.el7.x86_64.rpm
MD5: 53f130c100d69a4cda4de640d2754fac
SHA-256: 96a1c6bfa321221c3e4887075595c7c00754ec1f8057df187c68822ecb48bf2b
Size: 3.82 MB - postgresql-test-9.2.24-9.el7.x86_64.rpm
MD5: 69da4d6c267341efedd822a66f4cc285
SHA-256: 11d9705df370e45a514f81f2f6a81111f290ae2ccb63ae1645a49757620afc90
Size: 1.76 MB
English