Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 147703 - CAN-2005-0227 Multiple security and data-loss issues in PostgreSQL (CAN-2004-0977 CAN-2005-0245 CAN-2005-0247)
CAN-2005-0227 Multiple security and data-loss issues in PostgreSQL (CAN-2004-...
Product: Red Hat Enterprise Linux 2.1
Classification: Red Hat
Component: postgresql (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tom Lane
David Lawrence
: Security
Depends On:
  Show dependency treegraph
Reported: 2005-02-10 13:11 EST by Tom Lane
Modified: 2013-07-02 23:03 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-02-16 11:25:38 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2005:150 important SHIPPED_LIVE Important: postgresql security update 2005-02-16 00:00:00 EST

  None (edit)
Description Tom Lane 2005-02-10 13:11:29 EST
Description of problem:
Some of the security issues mentioned in bug#147442 also apply to the
AS2.1 branch: specifically the LOAD issue CAN-2005-0227 and some
aspects of the plpgsql buffer overruns CAN-2005-0245, CAN-2005-0247.

Also, I noted that CAN-2004-0977 (bug#136301) and the low-priority
security issues mentioned in bug#136947 were never back-ported to the
AS2.1 branch.

In addition, while the Postgres community stopped maintaining PG 7.1
years ago, they have continued to back-port significant bug fixes
(data-loss and server-crash issues) into the PG 7.2 branch, and most
of these issues also apply to PG 7.1.  It's past time we updated AS2.1
with these fixes.  Our bug#130818 describes the most significant of
these issues but there are numerous minor ones.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.  See referenced bugzilla entries
Actual results:

Expected results:

Additional info:
Comment 1 Tom Lane 2005-02-10 13:29:50 EST
Fixes created in postgresql-7.1.3-6.rhel2.1AS

Comment 2 Josh Bressers 2005-02-16 11:25:38 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.