Fedora 7 : postgresql-8.2.6-1.fc7 (2008-0552)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

- Mon Jan 7 2008 Tom Lane <tgl at redhat.com> 8.2.6-1

- Update to PostgreSQL 8.2.6 to fix CVE-2007-4769,
CVE-2007-4772, CVE-2007-6067, CVE-2007-6600,
CVE-2007-6601

- Make initscript and pam config files be installed
unconditionally; seems new buildroots don't necessarily
have those directories in place

- Thu Sep 20 2007 Tom Lane <tgl at redhat.com> 8.2.5-1

- Update to PostgreSQL 8.2.5 and pgtcl 1.6.0

- Fix multilib problem for /usr/include/ecpg_config.h
(which is new in 8.2.x)

- Use tzdata package's data files instead of private
copy, so that postgresql-server need not be turned for
routine timezone updates

- Don't remove postgres user/group during RPM uninstall,
per Fedora packaging guidelines

- Recent perl changes in rawhide mean we need a more
specific BuildRequires

- Wed Jun 20 2007 Tom Lane <tgl at redhat.com> 8.2.4-2

- Fix oversight in postgresql-test makefile: pg_regress
isn't a shell script anymore. Per upstream bug 3398.

- Tue Apr 24 2007 Tom Lane <tgl at redhat.com> 8.2.4-1

- Update to PostgreSQL 8.2.4 for CVE-2007-2138, data
loss bugs Resolves: #237682

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=315231
https://bugzilla.redhat.com/show_bug.cgi?id=316511
https://bugzilla.redhat.com/show_bug.cgi?id=400931
https://bugzilla.redhat.com/show_bug.cgi?id=427127
https://bugzilla.redhat.com/show_bug.cgi?id=427128
https://bugzilla.redhat.com/show_bug.cgi?id=427772
http://www.nessus.org/u?b94a6f53

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 29948 (fedora_2008-0552.nasl)

Bugtraq ID: 27163

CVE ID: CVE-2007-4769
CVE-2007-4772
CVE-2007-6067
CVE-2007-6600
CVE-2007-6601

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now