Red Hat Product Errata RHSA-2012:1116 - Security Advisory

Issued:: 2012-07-25
Updated:: 2012-07-25

RHSA-2012:1116 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: perl-DBD-Pg security update

Type/Severity

Security Advisory: Moderate

Topic

An updated perl-DBD-Pg package that fixes two security issues is now
available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

Perl DBI is a database access Application Programming Interface (API) for
the Perl language. perl-DBD-Pg allows Perl applications to access
PostgreSQL database servers.

Two format string flaws were found in perl-DBD-Pg. A specially-crafted
database warning or error message from a server could cause an application
using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the
privileges of the user running the application. (CVE-2012-1151)

All users of perl-DBD-Pg are advised to upgrade to this updated package,
which contains a backported patch to fix these issues. Applications using
perl-DBD-Pg must be restarted for the update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Server - Extended Update Support 6.3 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 6.3 i386
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Workstation 6 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux for IBM z Systems 6 s390x
Red Hat Enterprise Linux for IBM z Systems 5 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.3 s390x
Red Hat Enterprise Linux for Power, big endian 6 ppc64
Red Hat Enterprise Linux for Power, big endian 5 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.3 ppc64
Red Hat Enterprise Linux for Scientific Computing 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 i386
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386
Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.3 x86_64
Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.3 i386

Fixes

BZ - 801733 - CVE-2012-1151 perl-DBD-Pg: Format string flaws by turning db notices into Perl warnings and by preparing DBD statement

CVEs

CVE-2012-1151

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
x86_64
perl-DBD-Pg-2.15.1-4.el6_3.x86_64.rpm	SHA-256: f6a2fe2ca54a825dadd61038ba9e21d50a7277790a4fca1149b8be8bd0ed157b
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.x86_64.rpm	SHA-256: d6604492955b8ce7c8eeba2b15a4cd8a11fca3e86cc55425eda21627b2a81764
i386
perl-DBD-Pg-2.15.1-4.el6_3.i686.rpm	SHA-256: c960a8918a3715f33d6fd6af63e0d17dee35762882d286fc52bd537b132ce7b9
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.i686.rpm	SHA-256: 4c64c338e621bb06733c480b35634ea686ce287b15b5943469136e896a1aed80

Red Hat Enterprise Linux Server 5

SRPM
perl-DBD-Pg-1.49-4.el5_8.src.rpm	SHA-256: 73a99993e294bdbb5dd58aea78471de04bbee1806d785f192e71bd0a3c22f9bd
x86_64
perl-DBD-Pg-1.49-4.el5_8.x86_64.rpm	SHA-256: 06554b550c1d9b605c274d16b2dccdb17f594bed6f0465f4f5f737974a466e49
perl-DBD-Pg-debuginfo-1.49-4.el5_8.x86_64.rpm	SHA-256: 96ffac4c645b429b3844addf90e4930479b882abe7c152931e34790592a0af2f
ia64
perl-DBD-Pg-1.49-4.el5_8.ia64.rpm	SHA-256: 1ff58c777cf21c64c52414a914fa3108ee8449c9afd42d9629d8b75932610080
perl-DBD-Pg-debuginfo-1.49-4.el5_8.ia64.rpm	SHA-256: 8dec64df7903e1e10f7f6eccb0b458d8e00fccda3bf8442a746f58ce8ea22dc6
i386
perl-DBD-Pg-1.49-4.el5_8.i386.rpm	SHA-256: e4488709dafe5604daea5f31e349229d5c4aea74827150ae8222968a79dfaac6
perl-DBD-Pg-debuginfo-1.49-4.el5_8.i386.rpm	SHA-256: 1d1b44948fe84cb0e8c4f34625efc42253a406cd0785145b60e833a78a872a04

Red Hat Enterprise Linux Server - Extended Update Support 6.3

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
x86_64
perl-DBD-Pg-2.15.1-4.el6_3.x86_64.rpm	SHA-256: f6a2fe2ca54a825dadd61038ba9e21d50a7277790a4fca1149b8be8bd0ed157b
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.x86_64.rpm	SHA-256: d6604492955b8ce7c8eeba2b15a4cd8a11fca3e86cc55425eda21627b2a81764
i386
perl-DBD-Pg-2.15.1-4.el6_3.i686.rpm	SHA-256: c960a8918a3715f33d6fd6af63e0d17dee35762882d286fc52bd537b132ce7b9
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.i686.rpm	SHA-256: 4c64c338e621bb06733c480b35634ea686ce287b15b5943469136e896a1aed80

Red Hat Enterprise Linux Workstation 6

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
x86_64
perl-DBD-Pg-2.15.1-4.el6_3.x86_64.rpm	SHA-256: f6a2fe2ca54a825dadd61038ba9e21d50a7277790a4fca1149b8be8bd0ed157b
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.x86_64.rpm	SHA-256: d6604492955b8ce7c8eeba2b15a4cd8a11fca3e86cc55425eda21627b2a81764
i386
perl-DBD-Pg-2.15.1-4.el6_3.i686.rpm	SHA-256: c960a8918a3715f33d6fd6af63e0d17dee35762882d286fc52bd537b132ce7b9
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.i686.rpm	SHA-256: 4c64c338e621bb06733c480b35634ea686ce287b15b5943469136e896a1aed80

Red Hat Enterprise Linux Workstation 5

SRPM
perl-DBD-Pg-1.49-4.el5_8.src.rpm	SHA-256: 73a99993e294bdbb5dd58aea78471de04bbee1806d785f192e71bd0a3c22f9bd
x86_64
perl-DBD-Pg-1.49-4.el5_8.x86_64.rpm	SHA-256: 06554b550c1d9b605c274d16b2dccdb17f594bed6f0465f4f5f737974a466e49
perl-DBD-Pg-debuginfo-1.49-4.el5_8.x86_64.rpm	SHA-256: 96ffac4c645b429b3844addf90e4930479b882abe7c152931e34790592a0af2f
i386
perl-DBD-Pg-1.49-4.el5_8.i386.rpm	SHA-256: e4488709dafe5604daea5f31e349229d5c4aea74827150ae8222968a79dfaac6
perl-DBD-Pg-debuginfo-1.49-4.el5_8.i386.rpm	SHA-256: 1d1b44948fe84cb0e8c4f34625efc42253a406cd0785145b60e833a78a872a04

Red Hat Enterprise Linux Desktop 5

SRPM
perl-DBD-Pg-1.49-4.el5_8.src.rpm	SHA-256: 73a99993e294bdbb5dd58aea78471de04bbee1806d785f192e71bd0a3c22f9bd
x86_64
perl-DBD-Pg-1.49-4.el5_8.x86_64.rpm	SHA-256: 06554b550c1d9b605c274d16b2dccdb17f594bed6f0465f4f5f737974a466e49
perl-DBD-Pg-debuginfo-1.49-4.el5_8.x86_64.rpm	SHA-256: 96ffac4c645b429b3844addf90e4930479b882abe7c152931e34790592a0af2f
i386
perl-DBD-Pg-1.49-4.el5_8.i386.rpm	SHA-256: e4488709dafe5604daea5f31e349229d5c4aea74827150ae8222968a79dfaac6
perl-DBD-Pg-debuginfo-1.49-4.el5_8.i386.rpm	SHA-256: 1d1b44948fe84cb0e8c4f34625efc42253a406cd0785145b60e833a78a872a04

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
s390x
perl-DBD-Pg-2.15.1-4.el6_3.s390x.rpm	SHA-256: bad325cfa7e0b1d889ed2a129e54303dc653de0415865429a5c7168a5ce44a73
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.s390x.rpm	SHA-256: cf1a5e836dca035fcbb21878f74797c312af321f7ed4e0a2c44f6606685ef5ad

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
perl-DBD-Pg-1.49-4.el5_8.src.rpm	SHA-256: 73a99993e294bdbb5dd58aea78471de04bbee1806d785f192e71bd0a3c22f9bd
s390x
perl-DBD-Pg-1.49-4.el5_8.s390x.rpm	SHA-256: 54d51693823437d90e87ad3aa75f1fb40d33ce1cd07e83f3a171f8550b76bef7
perl-DBD-Pg-debuginfo-1.49-4.el5_8.s390x.rpm	SHA-256: 53e301e2fec67188e00a88be56274cc48920893e56e4f95c079c7cfbb315267f

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.3

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
s390x
perl-DBD-Pg-2.15.1-4.el6_3.s390x.rpm	SHA-256: bad325cfa7e0b1d889ed2a129e54303dc653de0415865429a5c7168a5ce44a73
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.s390x.rpm	SHA-256: cf1a5e836dca035fcbb21878f74797c312af321f7ed4e0a2c44f6606685ef5ad

Red Hat Enterprise Linux for Power, big endian 6

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
ppc64
perl-DBD-Pg-2.15.1-4.el6_3.ppc64.rpm	SHA-256: c4005c471b56d587aa4597ea5656cfd609b6f3591a4f01035a6522014d6e76fd
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.ppc64.rpm	SHA-256: d21aa1f9037efd8fef865b1c11c55f7545880a57fae2ca55297c9067c260fd45

Red Hat Enterprise Linux for Power, big endian 5

SRPM
perl-DBD-Pg-1.49-4.el5_8.src.rpm	SHA-256: 73a99993e294bdbb5dd58aea78471de04bbee1806d785f192e71bd0a3c22f9bd
ppc
perl-DBD-Pg-1.49-4.el5_8.ppc.rpm	SHA-256: fe3c9f597dfe291e5329d9aa264765e28d2c04e6bc6b205905c5d06013fda5e7
perl-DBD-Pg-debuginfo-1.49-4.el5_8.ppc.rpm	SHA-256: b721f29abb23a0f638fd9d0d544b770a2c6f606215613d162ba6028c2b1d6bc5

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.3

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
ppc64
perl-DBD-Pg-2.15.1-4.el6_3.ppc64.rpm	SHA-256: c4005c471b56d587aa4597ea5656cfd609b6f3591a4f01035a6522014d6e76fd
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.ppc64.rpm	SHA-256: d21aa1f9037efd8fef865b1c11c55f7545880a57fae2ca55297c9067c260fd45

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
x86_64
perl-DBD-Pg-2.15.1-4.el6_3.x86_64.rpm	SHA-256: f6a2fe2ca54a825dadd61038ba9e21d50a7277790a4fca1149b8be8bd0ed157b
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.x86_64.rpm	SHA-256: d6604492955b8ce7c8eeba2b15a4cd8a11fca3e86cc55425eda21627b2a81764

Red Hat Enterprise Linux Server from RHUI 6

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
x86_64
perl-DBD-Pg-2.15.1-4.el6_3.x86_64.rpm	SHA-256: f6a2fe2ca54a825dadd61038ba9e21d50a7277790a4fca1149b8be8bd0ed157b
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.x86_64.rpm	SHA-256: d6604492955b8ce7c8eeba2b15a4cd8a11fca3e86cc55425eda21627b2a81764
i386
perl-DBD-Pg-2.15.1-4.el6_3.i686.rpm	SHA-256: c960a8918a3715f33d6fd6af63e0d17dee35762882d286fc52bd537b132ce7b9
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.i686.rpm	SHA-256: 4c64c338e621bb06733c480b35634ea686ce287b15b5943469136e896a1aed80

Red Hat Enterprise Linux Server from RHUI 5

SRPM
perl-DBD-Pg-1.49-4.el5_8.src.rpm	SHA-256: 73a99993e294bdbb5dd58aea78471de04bbee1806d785f192e71bd0a3c22f9bd
x86_64
perl-DBD-Pg-1.49-4.el5_8.x86_64.rpm	SHA-256: 06554b550c1d9b605c274d16b2dccdb17f594bed6f0465f4f5f737974a466e49
perl-DBD-Pg-debuginfo-1.49-4.el5_8.x86_64.rpm	SHA-256: 96ffac4c645b429b3844addf90e4930479b882abe7c152931e34790592a0af2f
i386
perl-DBD-Pg-1.49-4.el5_8.i386.rpm	SHA-256: e4488709dafe5604daea5f31e349229d5c4aea74827150ae8222968a79dfaac6
perl-DBD-Pg-debuginfo-1.49-4.el5_8.i386.rpm	SHA-256: 1d1b44948fe84cb0e8c4f34625efc42253a406cd0785145b60e833a78a872a04

Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.3

SRPM
perl-DBD-Pg-2.15.1-4.el6_3.src.rpm	SHA-256: c6bd4db836ef5c4ce23167c96ced1ea857cf8ebf4a9f52592a822a75dccc51ec
x86_64
perl-DBD-Pg-2.15.1-4.el6_3.x86_64.rpm	SHA-256: f6a2fe2ca54a825dadd61038ba9e21d50a7277790a4fca1149b8be8bd0ed157b
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.x86_64.rpm	SHA-256: d6604492955b8ce7c8eeba2b15a4cd8a11fca3e86cc55425eda21627b2a81764
i386
perl-DBD-Pg-2.15.1-4.el6_3.i686.rpm	SHA-256: c960a8918a3715f33d6fd6af63e0d17dee35762882d286fc52bd537b132ce7b9
perl-DBD-Pg-debuginfo-2.15.1-4.el6_3.i686.rpm	SHA-256: 4c64c338e621bb06733c480b35634ea686ce287b15b5943469136e896a1aed80

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.