Synopsis: Moderate: postgresql security update Issue date: 2007-05-08 CVE Names: CVE-2007-2138 A flaw was found in the way PostgreSQL allows authenticated users to execute security-definer functions. It was possible for an unprivileged user to execute arbitrary code with the privileges of the security-definer function. (CVE-2007-2138) SRPMS: rh-postgresql-7.3.19-1.src.rpm i386: rh-postgresql-7.3.19-1.i386.rpm rh-postgresql-contrib-7.3.19-1.i386.rpm rh-postgresql-devel-7.3.19-1.i386.rpm rh-postgresql-docs-7.3.19-1.i386.rpm rh-postgresql-jdbc-7.3.19-1.i386.rpm rh-postgresql-libs-7.3.19-1.i386.rpm rh-postgresql-pl-7.3.19-1.i386.rpm rh-postgresql-python-7.3.19-1.i386.rpm rh-postgresql-server-7.3.19-1.i386.rpm rh-postgresql-tcl-7.3.19-1.i386.rpm rh-postgresql-test-7.3.19-1.i386.rpm x86_64: rh-postgresql-7.3.19-1.x86_64.rpm rh-postgresql-contrib-7.3.19-1.x86_64.rpm rh-postgresql-devel-7.3.19-1.x86_64.rpm rh-postgresql-docs-7.3.19-1.x86_64.rpm rh-postgresql-jdbc-7.3.19-1.x86_64.rpm rh-postgresql-libs-7.3.19-1.i386.rpm rh-postgresql-libs-7.3.19-1.x86_64.rpm rh-postgresql-pl-7.3.19-1.x86_64.rpm rh-postgresql-python-7.3.19-1.x86_64.rpm rh-postgresql-server-7.3.19-1.x86_64.rpm rh-postgresql-tcl-7.3.19-1.x86_64.rpm rh-postgresql-test-7.3.19-1.x86_64.rpm -Connie Sieh -Troy Dawson