Bug 660478 - VUL-0: PostgreSQL intarray buffer overflow
VUL-0: PostgreSQL intarray buffer overflow
Status: RESOLVED FIXED
: 684292 (view as bug list)
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: General
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
maint:released:11.2:38756 maint:relea...
:
Depends on:
Blocks: 684292
  Show dependency treegraph
 
Reported: 2010-12-20 08:32 UTC by Ludwig Nussel
Modified: 2011-06-10 14:08 UTC (History)
6 users (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ludwig Nussel 2010-12-20 08:32:56 UTC
Your friendly security team received the following report via vendor-sec.
Please respond ASAP.
This issue is not public yet, please keep any information about it inside SUSE.
Note that build.opensuse.org *cannot* be used to prepare embargoed updates.

CVE-ID: CVE-2010-4015

Impact: An attacker who can cause the PostgreSQL server to execute certain commands may cause a denial of the PostgreSQL service or execute arbitrary code.

Description: A buffer overflow exists in the intarray module of the PostgreSQL server.  An attacker who can send a command to the PostgreSQL server with a long query_int parameter to the @@ or ~~ operators may cause a denial of the PostgreSQL service or execute arbitrary code.  This issue is addressed by improved bounds checking.  This issue does not affect Mac OS X.  Credit: Apple.
Comment 21 Reinhard Max 2011-02-16 17:51:00 UTC
Packages submitted to SLES10-SP3, SLE11-SP1, 11.2, and 11.3.
Comment 31 Swamp Workflow Management 2011-03-30 14:11:43 UTC
Update released for: postgresql, postgresql-contrib, postgresql-contrib-debuginfo, postgresql-debuginfo, postgresql-debugsource, postgresql-devel, postgresql-devel-debuginfo, postgresql-docs, postgresql-libs, postgresql-libs-debuginfo, postgresql-server, postgresql-server-debuginfo
Products:
openSUSE 11.2 (debug, i586, x86_64)
openSUSE 11.3 (debug, i586, x86_64)
Comment 32 Ludwig Nussel 2011-03-30 14:12:57 UTC
released
Comment 33 Swamp Workflow Management 2011-03-30 17:21:06 UTC
Update released for: postgresql, postgresql-contrib, postgresql-debuginfo, postgresql-devel, postgresql-docs, postgresql-libs, postgresql-libs-32bit, postgresql-libs-64bit, postgresql-libs-x86, postgresql-pl, postgresql-server
Products:
SLE-DESKTOP 10-SP3 (i386, x86_64)
SLE-SAP-APL 10-SP3 (x86_64)
SLE-SDK 10-SP3 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP3 (i386, ia64, ppc, s390x, x86_64)
Comment 34 Swamp Workflow Management 2011-03-30 18:57:26 UTC
Update released for: postgresql, postgresql-contrib, postgresql-debuginfo, postgresql-devel, postgresql-docs, postgresql-libs, postgresql-libs-32bit, postgresql-libs-64bit, postgresql-libs-x86, postgresql-pl, postgresql-server
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)
Comment 35 Swamp Workflow Management 2011-03-30 20:41:35 UTC
Update released for: postgresql, postgresql-contrib, postgresql-debuginfo, postgresql-debugsource, postgresql-devel, postgresql-docs, postgresql-libs, postgresql-libs-32bit, postgresql-libs-x86, postgresql-pl, postgresql-plperl, postgresql-plpython, postgresql-pltcl, postgresql-server
Products:
SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-SDK 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP1 (i386, x86_64)
Comment 36 Leonardo Chiquitto 2011-04-20 21:57:33 UTC
*** Bug 684292 has been marked as a duplicate of this bug. ***