Available from ftp://ftp.scientificlinux.org/linux/scientific/4x/i386/errata/SL/RPMS/ ftp://ftp.scientificlinux.org/linux/scientific/4x/x86_64/errata/SL/RPMS/ ftp://ftp.scientificlinux.org/linux/scientific/5x/i386/updates/security/ --------------------------------------------------------------------------- Synopsis: Moderate: postgresql security update Issue date: 2007-05-08 CVE Names: CVE-2007-2138 Updated postgresql packages that fix several security issues are now available. A flaw was found in the way PostgreSQL allows authenticated users to execute security-definer functions. It was possible for an unprivileged user to execute arbitrary code with the privileges of the security-definer function. (CVE-2007-2138) SL4: SRPMS: postgresql-7.4.17-1.RHEL4.1.src.rpm i386: postgresql-7.4.17-1.RHEL4.1.i386.rpm postgresql-contrib-7.4.17-1.RHEL4.1.i386.rpm postgresql-devel-7.4.17-1.RHEL4.1.i386.rpm postgresql-docs-7.4.17-1.RHEL4.1.i386.rpm postgresql-jdbc-7.4.17-1.RHEL4.1.i386.rpm postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm postgresql-pl-7.4.17-1.RHEL4.1.i386.rpm postgresql-python-7.4.17-1.RHEL4.1.i386.rpm postgresql-server-7.4.17-1.RHEL4.1.i386.rpm postgresql-tcl-7.4.17-1.RHEL4.1.i386.rpm postgresql-test-7.4.17-1.RHEL4.1.i386.rpm x86_64: postgresql-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-contrib-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-devel-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-docs-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-jdbc-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm postgresql-libs-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-pl-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-python-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-server-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-tcl-7.4.17-1.RHEL4.1.x86_64.rpm postgresql-test-7.4.17-1.RHEL4.1.x86_64.rpm SL5: SRPMS: postgresql-8.1.9-1.el5.src.rpm i386: postgresql-8.1.9-1.el5.i386.rpm postgresql-contrib-8.1.9-1.el5.i386.rpm postgresql-devel-8.1.9-1.el5.i386.rpm postgresql-docs-8.1.9-1.el5.i386.rpm postgresql-libs-8.1.9-1.el5.i386.rpm postgresql-pl-8.1.9-1.el5.i386.rpm postgresql-python-8.1.9-1.el5.i386.rpm postgresql-server-8.1.9-1.el5.i386.rpm postgresql-tcl-8.1.9-1.el5.i386.rpm postgresql-test-8.1.9-1.el5.i386.rpm -Connie Sieh -Troy Dawson