postgresql-8.4.20-3.AXS4
エラータID: AXSA:2015-179:02
リリース日:
2015/07/03 Friday - 19:23
題名:
postgresql-8.4.20-3.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- PostgreSQL には二重解放の脆弱性が存在し,セッション断のシーケンスの間に認証タイムアウトが期限切れになる際に,SSL セッションをクローズすることによって,リモートの攻撃者がサービス拒否 (クラッシュ) を引き起こす脆弱性があります。(CVE-2015-3165)
- 現時点では CVE-2015-3166, CVE-2015-3167 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2015-3165
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
CVE-2015-3166
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2015-3167
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
追加情報:
N/A
ダウンロード:
SRPMS
- postgresql-8.4.20-3.AXS4.src.rpm
MD5: d536c01222fa5d2f1d47bc24cf0c1007
SHA-256: ce1f257da42fdeb1326509991fbca8515b72569b937094cedd7aa137e3ac0fb2
Size: 20.59 MB
Asianux Server 4 for x86
- postgresql-8.4.20-3.AXS4.i686.rpm
MD5: 1c7ad8ac223f7526a7d418ac95b58e97
SHA-256: 3bdd38b00631048a6a8f282aa8b6ba3efaa6a498e308483ade9741b3703c705d
Size: 2.58 MB - postgresql-contrib-8.4.20-3.AXS4.i686.rpm
MD5: 0e8ad8ee9dffc47450c4037c7abbb631
SHA-256: 7cc0582ed0178b2336d2d003d6e08649d3cec17d2267fdd4d92f2886667e660c
Size: 349.83 kB - postgresql-devel-8.4.20-3.AXS4.i686.rpm
MD5: 1ca1697889e49bee7338d62629548b41
SHA-256: 0855f38ec0df8ccf01d5b7c4813d42ef076a232353d16754108085a5fa666e06
Size: 810.05 kB - postgresql-docs-8.4.20-3.AXS4.i686.rpm
MD5: 1ccd10ea6f05d8a5bef8c157b49aa69c
SHA-256: 6fe980b386178f666b3b921e5fac96cd21590c02f89b2e8d5422c35bb480aaad
Size: 6.95 MB - postgresql-libs-8.4.20-3.AXS4.i686.rpm
MD5: 85b7b9921a6b85cecbcf96363025caae
SHA-256: b7db68ebb3f9bad801ffbc8a349026c7cb01e418ee425f44d52c19bb6d5e767a
Size: 204.57 kB - postgresql-plperl-8.4.20-3.AXS4.i686.rpm
MD5: 513bc5930f1647865861857c003e47fd
SHA-256: 83a93c6877bbcd6e8c88940ab791d9fabdd5bf0672499573228beff26f975813
Size: 56.58 kB - postgresql-plpython-8.4.20-3.AXS4.i686.rpm
MD5: d5cb3483ff83f5a9faa5a777ab1313ea
SHA-256: e92e4aa5a079bf12baf31f36fa4e1c0d11f027fc040644fb71e6448e6cd0884d
Size: 57.26 kB - postgresql-pltcl-8.4.20-3.AXS4.i686.rpm
MD5: e62a5383a831d35bc21b6e4b278afe30
SHA-256: 7fb5405a2b346a0944e5f36bf7a8bd9b0074300f83420140f4dcf4cbd0088cf3
Size: 45.51 kB - postgresql-server-8.4.20-3.AXS4.i686.rpm
MD5: 6e1dc92d644709da3d27d0500775163b
SHA-256: a6b8643cf95a5c8345a5fe7dd22b904d510cb5ed31d68aad6d330d0a160b5a86
Size: 3.40 MB - postgresql-test-8.4.20-3.AXS4.i686.rpm
MD5: 12ae7a0c5fa7bd4f41806e1ae4596329
SHA-256: c134432ef74059a3f80ea64dcb6c989084915180b88310be0841fda1de39dfeb
Size: 1.11 MB
Asianux Server 4 for x86_64
- postgresql-8.4.20-3.AXS4.x86_64.rpm
MD5: 016e4768ef67b6eb14dd774b2416a330
SHA-256: acef99c3345071aabed843deb75b26446020193f582d849fb27ec0082b4ad371
Size: 2.59 MB - postgresql-contrib-8.4.20-3.AXS4.x86_64.rpm
MD5: c78f87236ec6d4e91fdcb1499d72aa9a
SHA-256: 5e7cbd0bbbaff5be7612fa89ac351c6318d44a5c0930d176bf2844c9df793fda
Size: 353.68 kB - postgresql-devel-8.4.20-3.AXS4.x86_64.rpm
MD5: 127396ec0238dea2d47ea1063effc78e
SHA-256: 21b09d97254b3c49259aea90d62cbc936a5b994689d25ac8bf3f16ab23f3aa77
Size: 814.61 kB - postgresql-docs-8.4.20-3.AXS4.x86_64.rpm
MD5: 8a524371a27c099d163a0447bfaed737
SHA-256: 6f763e1f86862a48bc52e8cffe573841fcf36e2f1306666027a48d176d75ae43
Size: 6.95 MB - postgresql-libs-8.4.20-3.AXS4.x86_64.rpm
MD5: c768f1b1e936605d177719e33c3579ed
SHA-256: 216412a4cfa2fa379c3d0782f095bf57586c9309838f32a53f7be863f8206b00
Size: 200.73 kB - postgresql-plperl-8.4.20-3.AXS4.x86_64.rpm
MD5: 8d554293cc444492872024b8330c18e6
SHA-256: dac1d0c4f26c8c6edbeb5ad827d3da60c0d9db159381230d1f9bb672fd920202
Size: 56.36 kB - postgresql-plpython-8.4.20-3.AXS4.x86_64.rpm
MD5: 1ada91506a2d67fd777b5c543abf02fa
SHA-256: 5e7de168c0fb7839af7f1428e7f10a5766018f199068695da3816f335293a91c
Size: 57.99 kB - postgresql-pltcl-8.4.20-3.AXS4.x86_64.rpm
MD5: 3b87dd124490927d39fc5eaf96e3c612
SHA-256: 18466e739ba525d4ebbdfbef61f7ee3d517e85e73706430a94911231f8107981
Size: 45.29 kB - postgresql-server-8.4.20-3.AXS4.x86_64.rpm
MD5: 83c29fcb705ce5504396660c1083cc3a
SHA-256: 012a5933effe776d3091b1c4031577dc30c1e6b64d6a6cd76e496be8999e6f89
Size: 3.44 MB - postgresql-test-8.4.20-3.AXS4.x86_64.rpm
MD5: 67c70be6b3730041d6752350d65a35e6
SHA-256: 6fd1992537d4fa863bba03ea3c3d3017181e59b7836de99a353965e334e008d5
Size: 1.11 MB - postgresql-8.4.20-3.AXS4.i686.rpm
MD5: 1c7ad8ac223f7526a7d418ac95b58e97
SHA-256: 3bdd38b00631048a6a8f282aa8b6ba3efaa6a498e308483ade9741b3703c705d
Size: 2.58 MB - postgresql-devel-8.4.20-3.AXS4.i686.rpm
MD5: 1ca1697889e49bee7338d62629548b41
SHA-256: 0855f38ec0df8ccf01d5b7c4813d42ef076a232353d16754108085a5fa666e06
Size: 810.05 kB - postgresql-libs-8.4.20-3.AXS4.i686.rpm
MD5: 85b7b9921a6b85cecbcf96363025caae
SHA-256: b7db68ebb3f9bad801ffbc8a349026c7cb01e418ee425f44d52c19bb6d5e767a
Size: 204.57 kB