pg_upgrade creates temporary files in the current working directory. It creates most of them with umask 0077, so only the current user can open those. However, for the file containing the output of "pg_dumpall -g", it uses the umask in effect when the user invoked pg_upgrade. This can allow an attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. However, the attack is infeasible if a directory mode blocks the attacker searching the current working directory or if the prevailing umask blocks the attacker opening the file. Vulnerable Versions: 9.3 - 10
Acknowledgments: Name: the PostgreSQL project Upstream: Tom Lane
External References: https://www.postgresql.org/about/news/1829/
Created mingw-postgresql tracking bugs for this issue: Affects: epel-7 [bug 1543752] Affects: fedora-all [bug 1543751] Created postgresql tracking bugs for this issue: Affects: fedora-all [bug 1543753]
Statement: This issue affects the versions of PostgreSQL 9.x as shipped with Red Hat Satellite 5.x and CloudForms 5.x. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS Via RHSA-2018:2511 https://access.redhat.com/errata/RHSA-2018:2511
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS Via RHSA-2018:2566 https://access.redhat.com/errata/RHSA-2018:2566
This issue has been addressed in the following products: CloudForms Management Engine 5.9 Via RHSA-2018:3816 https://access.redhat.com/errata/RHSA-2018:3816