Re: CVE-2018-1058

From: Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>
To: Lizeth Solis Aramayo <lizeth(dot)solis(at)elfec(dot)bo>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org>
Subject: Re: CVE-2018-1058
Date: 2019-10-17 14:22:58
Message-ID: 33ba7c53-a086-556e-16ca-284a0cc483f0@aklaver.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 10/17/19 6:46 AM, Lizeth Solis Aramayo wrote:
> Forgot a fourth option:
>
> 4) Use the 9.6.15 pg_restore to restore the 9.6.15 pg_dump to the 9.6.5 database.
>
>
> I don't know how to do that. May you help me please
>
> Is it just copy the pg_restore from one server to another?

It would be easier to just run the 9.6.15 version on the 9.6.15 machine
against the 9.6.5 database, so:

pg_restore -h <9.6.5 hostname or IP> -p 5432 ...

Of course, how fast this runs would depend where the machines are
relative to each on the network.

You could try copying the program, just not sure how compatible RH 6.5
and RH 7.6 are with each other.

Your best bet would be to upgrade the 9.6.5 --> 9.6.15. There have been
a lot of bug fixes in between.

>
>
>
>
>
> -----Mensaje original-----
> De: Adrian Klaver [mailto:adrian(dot)klaver(at)aklaver(dot)com]
> Enviado el: miércoles, 16 de octubre de 2019 18:32
> Para: Lizeth Solis Aramayo; pgsql-general(at)postgresql(dot)org
> Asunto: Re: CVE-2018-1058
>
> On 10/16/19 1:05 PM, Lizeth Solis Aramayo wrote:
>> What commands did you use to dump the 9.6.15 version and restore to
>> the
>> 9.6.5 version?
>>
>> Pg_dump -p 5433 -U postgres -Fc -d dbkerp -n param > param.dump And
>> Pg_restore -p 5432 -U postgres -d dbkerp param.dump
>>
>>
>> Server with pg_dump is Linux red hat 7.6
>>
>> Server with pg_restore is linux red hat 6.5
>>
>>
>> In both servers I have postgresql 9.6, but in pg_dump is 9.6.15, and in pg_restore is 9.6.5.
>>
>>
>> The pg_dump is correct, everything goes ok., but when I do the
>> pg_restore I gota n error : pg_restore: [archiver] unsupported
>> version (1.13) in file header
>
> Forgot a fourth option:
>
> 4) Use the 9.6.15 pg_restore to restore the 9.6.15 pg_dump to the 9.6.5 database.
>
>>
>>
>> I searched solutions, and I found that I can apply a patch CVE-2018-1058, but I don¡t know how.
>> How to download, and install, I dont find documents about it.
>>
>> he reason why you can't upgrade the 9.6.5 to 9.6.15? I dont know how.
>>
>
> --
> Adrian Klaver
> adrian(dot)klaver(at)aklaver(dot)com
> ____La información contenida en este mensaje esta dirigida en forma exclusiva para el uso personal y confidencial del o los destinatarios arriba nombrados. Si el lector de este mensaje no es el destinatario previsto o una persona responsable para su distribución al destinatario, se le notifica que ha recibido este correo por error y que la revisión, distribución, difusión o copia de este mensaje esta estrictamente prohibida. Si por error recibió esta comunicación, por favor notifiquenos inmediatamente y borre el mensaje original. ____The information contained in this message is intended only for the personal and confidential use of the recipient(s) named above. If the reader of this message is not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately, and delete the original message.
>

--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Adrian Klaver 2019-10-17 14:41:01 Re: Changing PK on replicated database
Previous Message Andreas Joseph Krogh 2019-10-17 14:12:04 Sv: Conflict between autovacuum and backup restoration