Ãë¾àÁ¡ID |
25233 |
À§Çèµµ |
40 |
Æ÷Æ® |
5432 |
ÇÁ·ÎÅäÄÝ |
TCP |
ºÐ·ù |
DB |
»ó¼¼¼³¸í |
PostgreSQL ¼¹öÀÇ ¹öÀü Á¤º¸¿¡ µû¸£¸é ´ÙÁß Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù. PostgreSQLÀº SQLÀÇ È®Àå ¼ºê¼Â(subset)À» Áö¿øÇÏ´Â °´Ã¼-°ü°èÇü µ¥ÀÌÅͺ£À̽º °ü¸® ½Ã½ºÅÛ(DBMS) ·Î¼ ¸ðµç ¼Ò½º°¡ °ø°³µÇ¾î ÀÖ´Â ¹«·á ¼ÒÇÁÆ®¿þ¾îÀÌ´Ù.
PostgreSQL 9.2.22 ÀÌÀü 9.2.x ¹öÀüÀº ´ÙÀ½ÀÇ ´ÙÁß Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- ¸î¸î ÀÎÁõ ¼ö´Ü¿¡ °ø¹é ºñ¹Ð¹øÈ£°¡ Çã¿ëµÇ´Â ÀÎÁõ ¿ìȸ °áÇÔÀÌ Á¸ÀçÇÑ´Ù. (CVE-2017-7546)
- ¼¹ö ±ÇÇÑÀÌ ºÎÁ·ÇÑ À¯Àú¿¡°Ô ºñ¹Ð¹øÈ£¸¦ ³ëÃâ½Ãų ¼ö ÀÖ´Â 'pg_user_mappings' Ä«Å»·Î±× ºä¿¡ Á¤º¸ ³ëÃâ Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù. (CVE-2017-7547)
- lo_put() ÇÔ¼ö¿¡ ACLsÀ» ½ÂÀÎÇÏÁö ¾Ê´Â ºÎÀûÀýÇÑ °Ë»ç·Î ÀÎÇÑ °áÇÔÀÌ Á¸ÀçÇÑ´Ù. (CVE-2017-7548)
* Âü°í »çÀÌÆ®: https://www.postgresql.org/about/news/1772/ https://www.postgresql.org/docs/current/static/release-9-2-22.html https://www.postgresql.org/docs/current/static/release-9-3-18.html https://www.postgresql.org/docs/current/static/release-9-4-13.html https://www.postgresql.org/docs/current/static/release-9-5-8.html https://www.postgresql.org/docs/current/static/release-9-6-4.html
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû: PostgreSQL 9.2.22 ÀÌÀü 9.2 ¹öÀü ¸ðµç ¿î¿µÃ¼Á¦ ¸ðµç ¹öÀü |
ÇØ°áÃ¥ |
PostgreSQL À¥ ÆäÀÌÁöÀÎ http://www.postgresql.org/download/¿¡¼ ±¸ÇÒ ¼ö ÀÖ´Â PostgreSQLÀÇ °¡Àå ÃֽŠ¹öÀü(9.2.22 ¶Ç´Â ÀÌÈÄ)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù. |
°ü·Ã URL |
CVE-2017-7546,CVE-2017-7547,CVE-2017-7548 (CVE) |
°ü·Ã URL |
(SecurityFocus) |
°ü·Ã URL |
(ISS) |
|