Robert Haas

**Name of the Vulnerable Software and Affected Versions** PostgreSQL versions 8.3.x through 8.3.17 PostgreSQL versions 8.4.x through 8.4.10 PostgreSQL versions 9.0.x through 9.0.6 PostgreSQL versions 9.1.x through 9.1.2 **Description** The issue concerns the CREATE TRIGGER function in PostgreSQL, which does not properly check the execute permission for trigger functions marked as SECURITY DEFINER. This allows remote authenticated users to execute restricted triggers on arbitrary data by installing the trigger on a table owned by the attacker. The problem lies in the improper checking of permissions on functions called by triggers. **Recommendations** For PostgreSQL versions 8.3.x through 8.3.17, update to version 8.3.18 or later. For PostgreSQL versions 8.4.x through 8.4.10, update to version 8.4.11 or later. For PostgreSQL versions 9.0.x through 9.0.6, update to version 9.0.7 or later. For PostgreSQL versions 9.1.x through 9.1.2, update to version 9.1.3 or later.

**Name of the Vulnerable Software and Affected Versions** PostgreSQL versions 8.3.x through 8.3.17 PostgreSQL versions 8.4.x through 8.4.10 PostgreSQL versions 9.0.x through 9.0.6 PostgreSQL versions 9.1.x through 9.1.2 **Description** The issue allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object names with newlines. These newlines are inserted into an SQL script used when the database is restored, enabling the execution of arbitrary SQL commands. This is a result of a CRLF injection vulnerability in pg dump. **Recommendations** For PostgreSQL versions 8.3.x through 8.3.17, update to version 8.3.18 or later. For PostgreSQL versions 8.4.x through 8.4.10, update to version 8.4.11 or later. For PostgreSQL versions 9.0.x through 9.0.6, update to version 9.0.7 or later. For PostgreSQL versions 9.1.x through 9.1.2, update to version 9.1.3 or later.