Bug 81350 - dev-db/postgresql: Buffer overflows in PL/PgSQL parser (CAN-2005-0247)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: High major
Assignee: Gentoo Security
Whiteboard: B1 [glsa] jaervosz
Reported: 2005-02-09 05:11 UTC by Matthias Geerdsen (RETIRED)
Modified: 2007-09-22 23:25 UTC (History)
Description Matthias Geerdsen (RETIRED) gentoo-dev 2005-02-09 05:11:19 UTC
Following CANs list <=8.0.1 as affected:

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0244>
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245>
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246>
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247>

244 and 246 appear to be fixed according to the 8.0.1 changelog, maybe someone can verify that.

(Additional) patches for 245 and 246 seem to have been introduced after the release though.

postgresql team, pls verify|patch|advise
Comment 1 Sune Kloppenborg Jeppesen gentoo-dev 2005-02-10 11:32:44 UTC
Ubuntu fixed those with USN-79-1

http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0138.html
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-02-10 13:10:05 UTC
Confirming fixed in 7.4.7 :
CAN-2005-0227
CAN-2005-0244
CAN-2005-0246

They also fixed : "Avoid buffer overrun when plpgsql cursor declaration has too
many parameters (Neil)" This appears to be CAN-2004-0245.

This leaves CAN-2004-0247 to treat, the patch for 7.4.7 can be found at :
http://developer.postgresql.org/cvsweb.cgi/pgsql/src/pl/plpgsql/src/gram.y.diff?r1=1.48.2.1;r2=1.48.2.3;only_with_tag=REL7_4_STABLE

postgresql maintainers: You might want to also patch 8.0.1 using :
http://developer.postgresql.org/cvsweb.cgi/pgsql/src/pl/plpgsql/src/gram.y.diff?r1=1.64.4.1;r2=1.64.4.3;only_with_tag=REL8_0_STABLE
Comment 3 Sune Kloppenborg Jeppesen gentoo-dev 2005-02-11 12:40:03 UTC
Of course it is CAN-2005-0247 and not CAN-2004-0247.

Koon, what is the status of CAN-2005-0245, is it fixed already?

GLSA drafted, Security please review.
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2005-02-11 13:00:55 UTC
Apparently yes. It's the same file anyway, so patching the last one will surely solve both.
Comment 5 Masatomo Nakano (RETIRED) gentoo-dev 2005-02-11 13:42:23 UTC
I've applied the patch in
  postgresql-7.3.9-r1.ebuild
  postgresql-7.4.7-r1.ebuild
  postgresql-8.0.1-r1.ebuild.
Comment 6 Sune Kloppenborg Jeppesen gentoo-dev 2005-02-13 05:58:41 UTC
Arches please test and mark stable. Target keywords:

postgresql-7.3.9-r1.ebuild:KEYWORDS="x86 ppc sparc alpha amd64 hppa ia64 mips"
postgresql-7.4.7-r1.ebuild:KEYWORDS="x86 ppc sparc mips alpha arm hppa amd64 ia64 s390 ppc64"
postgresql-8.0.1.ebuild:KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64 ~ia64 ~s390 ~ppc64" (Already there).
Comment 7 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-02-13 08:24:16 UTC
Stable on ppc.
Comment 8 Markus Rothe (RETIRED) gentoo-dev 2005-02-13 10:18:39 UTC
stable on ppc64
Comment 9 Olivier Crete (RETIRED) gentoo-dev 2005-02-13 12:57:20 UTC
It's already stable on x86
Comment 10 Bryan Østergaard (RETIRED) gentoo-dev 2005-02-13 14:43:39 UTC
Stable on alpha.
Comment 11 Jan Brinkmann (RETIRED) gentoo-dev 2005-02-13 15:16:43 UTC
stable on amd64
Comment 12 Gustavo Zacarias (RETIRED) gentoo-dev 2005-02-14 07:47:28 UTC
sparc stable.
Comment 13 Sune Kloppenborg Jeppesen gentoo-dev 2005-02-14 14:02:13 UTC
GLSA-200502-19

arm, hppa, ia64, mips please remember to mark stable.
Comment 14 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-02-16 01:21:53 UTC
Stable on hppa.
Comment 15 Hardave Riar (RETIRED) gentoo-dev 2005-02-18 09:30:49 UTC
Stable on mips.