USN-834-1: PostgreSQL vulnerabilities

21 September 2009

postgresql-8.1, postgresql-8.3 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 9.04
  • Ubuntu 8.10
  • Ubuntu 8.04 LTS
  • Ubuntu 6.06 LTS

Software Description

  • postgresql-8.3
  • postgresql-8.1

Details

It was discovered that PostgreSQL could be made to unload and reload an already loaded module by using the LOAD command. A remote authenticated attacker could exploit this to cause a denial of service. This issue did not affect Ubuntu 6.06 LTS. (CVE-2009-3229)

Due to an incomplete fix for CVE-2007-6600, RESET ROLE and RESET SESSION AUTHORIZATION operations were allowed inside security-definer functions. A remote authenticated attacker could exploit this to escalate privileges within PostgreSQL. (CVE-2009-3230)

It was discovered that PostgreSQL did not properly perform LDAP authentication under certain circumstances. When configured to use LDAP with anonymous binds, a remote attacker could bypass authentication by supplying an empty password. This issue did not affect Ubuntu 6.06 LTS. (CVE-2009-3231)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.04
postgresql-8.3 - 8.3.8-0ubuntu9.04
Ubuntu 8.10
postgresql-8.3 - 8.3.8-0ubuntu8.10
Ubuntu 8.04 LTS
postgresql-8.3 - 8.3.8-0ubuntu8.04
Ubuntu 6.06 LTS
postgresql-8.1 - 8.1.18-0ubuntu0.6.06

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system upgrade is sufficient to effect the necessary changes.

References