An integer overflow flaw was found in the way postgresql used to calculate size for the hashtable for joined relations. An attacker could formulate a specially-crafted sql query, which once processed would lead to denial of service (postgresql daemon crash). Upstream bug report: -------------------- [1] http://archives.postgresql.org/pgsql-bugs/2009-10/msg00277.php References: ----------- [2] http://archives.postgresql.org/pgsql-bugs/2009-10/msg00287.php [3] http://archives.postgresql.org/pgsql-bugs/2009-10/msg00310.php [4] http://archives.postgresql.org/pgsql-bugs/2009-10/msg00289.php Upstream patch: --------------- git clone git://git.postgresql.org/git/postgresql.git cd postgresql && git show 64b057e6823655fb6c5d1f24a28f236b94dd6c54 Credit: ------- Bernt Marius Johnsen
Created attachment 377733 [details] Local copy of relevant upstream patch
(In reply to comment #0) > Upstream patch: > --------------- > git clone git://git.postgresql.org/git/postgresql.git > cd postgresql && git show 64b057e6823655fb6c5d1f24a28f236b94dd6c54 http://git.postgresql.org/gitweb?p=postgresql.git;a=commitdiff;h=64b057e6823655fb6c5d1f24a28f236b94dd6c54
The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
This one has been assigned CVE-2010-0733
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2010:0427 https://rhn.redhat.com/errata/RHSA-2010-0427.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2010:0428 https://rhn.redhat.com/errata/RHSA-2010-0428.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0429 https://rhn.redhat.com/errata/RHSA-2010-0429.html