openSUSE-SU-2010:0903-1 (moderate): postgesql security update

openSUSE Security Update: postgesql security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0903-1 Rating: moderate References: #643771 Cross-References: CVE-2010-3433 Affected Products: openSUSE 11.3 openSUSE 11.2 openSUSE 11.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes two new package versions. Description: PostgreSQL functions implemented in Perl or TCL shared a global state even across different user user ids. A user could therefore influence functions of other users in an unexpected or even malicious way (CVE-2010-3433). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch postgresql-3356 - openSUSE 11.2: zypper in -t patch postgresql-3356 - openSUSE 11.1: zypper in -t patch postgresql-3356 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 x86_64) [New Version: 8.4.5]: postgresql-8.4.5-0.3.1 postgresql-contrib-8.4.5-0.3.1 postgresql-devel-8.4.5-0.3.1 postgresql-libs-8.4.5-0.3.1 postgresql-plperl-8.4.5-0.3.1 postgresql-plpython-8.4.5-0.3.1 postgresql-pltcl-8.4.5-0.3.1 postgresql-server-8.4.5-0.3.1 - openSUSE 11.3 (x86_64) [New Version: 8.4.5]: postgresql-libs-32bit-8.4.5-0.3.1 - openSUSE 11.3 (noarch) [New Version: 8.4.5]: postgresql-docs-8.4.5-0.3.1 - openSUSE 11.2 (i586 x86_64) [New Version: 8.4.5]: postgresql-8.4.5-0.2.1 postgresql-contrib-8.4.5-0.2.1 postgresql-devel-8.4.5-0.2.1 postgresql-docs-8.4.5-0.2.1 postgresql-libs-8.4.5-0.2.1 postgresql-plperl-8.4.5-0.2.1 postgresql-plpython-8.4.5-0.2.1 postgresql-pltcl-8.4.5-0.2.1 postgresql-server-8.4.5-0.2.1 - openSUSE 11.2 (x86_64) [New Version: 8.4.5]: postgresql-libs-32bit-8.4.5-0.2.1 - openSUSE 11.1 (i586 ppc x86_64) [New Version: 8.3.12]: postgresql-8.3.12-0.1.2 postgresql-contrib-8.3.12-0.1.2 postgresql-devel-8.3.12-0.1.2 postgresql-docs-8.3.12-0.1.2 postgresql-libs-8.3.12-0.1.2 postgresql-plperl-8.3.12-0.1.2 postgresql-plpython-8.3.12-0.1.2 postgresql-pltcl-8.3.12-0.1.2 postgresql-server-8.3.12-0.1.2 - openSUSE 11.1 (x86_64) [New Version: 8.3.12]: postgresql-libs-32bit-8.3.12-0.1.2 - openSUSE 11.1 (ppc) [New Version: 8.3.12]: postgresql-libs-64bit-8.3.12-0.1.2 References: http://support.novell.com/security/cve/CVE-2010-3433.html https://bugzilla.novell.com/643771