CVE-2010-1169

Publication date 18 May 2010

Last updated 24 July 2024


Ubuntu priority

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Perl code via a crafted script, related to the Safe module (aka Safe.pm) for Perl. NOTE: some sources report that this issue is the same as CVE-2010-1447.

Status

Package Ubuntu Release Status
postgresql-7.4 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Ignored end of life
postgresql-8.0 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Ignored end of life
postgresql-8.1 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper
Fixed 8.1.21-0ubuntu0.6.06
postgresql-8.2 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Not in release
9.04 jaunty Not in release
8.04 LTS hardy Ignored end of life
6.06 LTS dapper Not in release
postgresql-8.3 11.04 natty Not in release
10.10 maverick Not in release
10.04 LTS lucid Not in release
9.10 karmic Ignored end of life
9.04 jaunty
Fixed 8.3.11-0ubuntu9.04
8.04 LTS hardy
Fixed 8.3.11-0ubuntu8.04
6.06 LTS dapper Not in release
postgresql-8.4 11.04 natty
Fixed 8.4.4-1
10.10 maverick
Fixed 8.4.4-1
10.04 LTS lucid
Fixed 8.4.4-0ubuntu10.04
9.10 karmic
Fixed 8.4.4-0ubuntu9.10
9.04 jaunty Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-942-1
    • PostgreSQL vulnerabilities
    • 21 May 2010

Other references