postgresql-8.4.9-1.1.0.1.AXS4
エラータID: AXSA:2012-153:01
リリース日:
2012/02/20 Monday - 19:00
題名:
postgresql-8.4.9-1.1.0.1.AXS4
影響のあるチャネル:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- PHP で使用されている crypt_blowfish は 8ビットのキャラクタを適切に扱うことができず,パスワードハッシュの知識を利用して,攻撃者が平文のパスワードを特定しやすくなる脆弱性があります。(CVE-2011-2483)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2011-2483
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.
追加情報:
N/A
ダウンロード:
SRPMS
- postgresql-8.4.9-1.1.0.1.AXS4.src.rpm
MD5: f17d953469b4e1520dfaa8114e77a903
SHA-256: 8021f61d69e3ebdc00d962b450c3d80434b2c87eb15bf04bc456d2d5b5e85226
Size: 20.08 MB
Asianux Server 4 for x86
- postgresql-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: fb2480cfca40c64ae2fd9f81ad653939
SHA-256: 918f570c5fedef7f358aaeb7382b5d54bb60bb038a33c3b70156c0700887363e
Size: 2.70 MB - postgresql-contrib-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: 274069932a809ed78f52bd8f9920a0b4
SHA-256: 5f0e2a4bf45eaf07ee1c9eb327fb66cfa0594fea473db634c990171bea56f480
Size: 345.91 kB - postgresql-devel-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: 31d5a5721e284a86cfdb7fee37851013
SHA-256: 91d9b2820a0e5d0349490cf30652e35ae362047e69b830f626d639f4508f5643
Size: 803.20 kB - postgresql-docs-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: b6c367752916435fc3310e83e8ba6c48
SHA-256: 366ee7a1a37ee23316399c365cb542ef918fb0aba315550df8dc38845e6c1128
Size: 6.04 MB - postgresql-libs-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: 176886170e5390f5aa92b61200e616bb
SHA-256: 8bb534e48fd46bb079f5f04bf77c577301cc15aa7db3b0692469c6fbfb391f09
Size: 200.67 kB - postgresql-plperl-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: 72eeddaad399f899ec6f258562e9055f
SHA-256: e80300ec2f39300fd0bea8315714830991c9c1a3f864db6088c5b247ee30dbb1
Size: 53.50 kB - postgresql-plpython-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: 9195da83458209f343cf77430b01418d
SHA-256: f6419ea6e83759e3df8ed892c515573a65808ef2f76d87c1b4a3778ac38e3882
Size: 52.32 kB - postgresql-pltcl-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: 009a4531a9aff71be5bc59ddf65817cf
SHA-256: 26942e5a737dcea3ed6898021e02690f662f7aa00f71ba9858799eef6c0eccdc
Size: 43.31 kB - postgresql-server-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: e4a3c99b6f1156442d7306114c073036
SHA-256: d36245a92e798f4a0b2692a1f04b2ff4a051c34783ee993119dd0f52fb322307
Size: 3.30 MB - postgresql-test-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: 850d8d5311ace1c6e5f0a1ca0d47f166
SHA-256: 20c8faf55e85cac8e2634cca719d364ea808cef36d2944a31fb89f033e083492
Size: 1.10 MB
Asianux Server 4 for x86_64
- postgresql-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: d13544f3a2b88ad5bd5e93adea5b83ff
SHA-256: a9d0f0a9aad90ecde898512c20ff920f39fb963203015ee7ba6c92e5fc6de6bb
Size: 2.70 MB - postgresql-contrib-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: 9f6ffadd51b2294f0c4e074cab33d03f
SHA-256: 7225c72a48474d18e244c9c6570fd725e998ddaac4286154632641ef9e992b7a
Size: 350.07 kB - postgresql-devel-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: 6303fbf58c9fdd431d041be201db2f89
SHA-256: af6eb66e2b1d2d2d27107fb0546ddc5405939afe456dc587c516d9c93067778c
Size: 807.40 kB - postgresql-docs-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: 2b1c21705a6084a54d53a60fe764f6be
SHA-256: 1e68eed2dfbc149fd003e8c10a1fb3d622b65468bf0c35993dcf0381d81c0b74
Size: 6.04 MB - postgresql-libs-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: 6098b45e1994db9079977866af6aca46
SHA-256: 21aa8be4c8c64feb70c9f7f0b2d2b919b022a27a4892a03e3f4d078f5ee255b3
Size: 196.77 kB - postgresql-plperl-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: 73688ae49602ac7d1507f0c86310de6a
SHA-256: aea7c1e21580caf9728477a297fe71db269627adb497574e48d91ca6afb5552c
Size: 53.34 kB - postgresql-plpython-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: 177617f5bbd1f2db4eafb79a162c5756
SHA-256: 6d60d1846bafe8bd170b5265ba68ccf99d265a85e306c759c384b80b8ff1b9a3
Size: 53.05 kB - postgresql-pltcl-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: 84a03be696ed25bd94b0f982529e9717
SHA-256: 52e5f564f69550788a297e1f932cdc410538cfedc3af7a139d7d16d317e5039f
Size: 43.08 kB - postgresql-server-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: 4ebe1ed118aa7a0832c53cee73ff0079
SHA-256: f9b00f2d0981be2552bf9440a9447cbd297106202cec1cd9ac07c981a19b57bc
Size: 3.34 MB - postgresql-test-8.4.9-1.1.0.1.AXS4.x86_64.rpm
MD5: afb0b1a480d464ec98f56e2a972c9cf8
SHA-256: d028b1abcadf1db8e8f229293bcc934d657a75abd3ca7ce449384c779bb34d19
Size: 1.10 MB - postgresql-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: fb2480cfca40c64ae2fd9f81ad653939
SHA-256: 918f570c5fedef7f358aaeb7382b5d54bb60bb038a33c3b70156c0700887363e
Size: 2.70 MB - postgresql-devel-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: 31d5a5721e284a86cfdb7fee37851013
SHA-256: 91d9b2820a0e5d0349490cf30652e35ae362047e69b830f626d639f4508f5643
Size: 803.20 kB - postgresql-libs-8.4.9-1.1.0.1.AXS4.i686.rpm
MD5: 176886170e5390f5aa92b61200e616bb
SHA-256: 8bb534e48fd46bb079f5f04bf77c577301cc15aa7db3b0692469c6fbfb391f09
Size: 200.67 kB