Re: CVE-2018-1058

On 10/16/19 1:05 PM, Lizeth Solis Aramayo wrote:
> What commands did you use to dump the 9.6.15 version and restore to the
> 9.6.5 version?
> 
> Pg_dump -p 5433 -U postgres -Fc -d dbkerp -n param > param.dump
> And
> Pg_restore -p 5432 -U postgres -d dbkerp param.dump
> 
> 
> Server with pg_dump is Linux red hat 7.6
> 
> Server with pg_restore is linux red hat 6.5
> 
> 
> In both servers I have postgresql 9.6, but in pg_dump is 9.6.15,   and in pg_restore is 9.6.5.

So the RH 7.5 has 9.6.15 and RH 6.5 9.6.5?

> 
> 
> The pg_dump is correct,  everything goes ok.,  but when I do the pg_restore I gota n error :  pg_restore: [archiver]
unsupportedversion (1.13) in file header
 

Yeah, that is because you are using an older version of pg_restore to 
restore a file that was created by a newer version of pg_dump. You have 
three choices as I see it:

1) Try to dump the 9.6.15  database with the 9.6.5 pg_dump using -Fc

2) Dump the 9.6.15 database using the 9.6.15 dump but output as plain 
text file(-Fp). To restore the file you will need to use psql not 
pg_restore. See examples at bottom of here:

https://www.postgresql.org/docs/11/app-pgdump.html

3) Upgrade your 9.6.5 instance to 9.6.15. This is going to need more 
information though:

a) How are you installing Postgres?

b) How big is the database and is it in production?

> 
> 
> I searched solutions,  and I found that I can apply a patch CVE-2018-1058,  but I don¡t know how.
> How  to download,  and install,  I dont find documents about it.
> 
> he reason why you can't upgrade the 9.6.5 to 9.6.15?  I dont know how.
> 
> 
>  
> 
> -----Mensaje original-----
> De: Adrian Klaver [mailto:adrian.klaver@aklaver.com]
> Enviado el: miércoles, 16 de octubre de 2019 15:41
> Para: Lizeth Solis Aramayo; pgsql-general@postgresql.org
> Asunto: Re: CVE-2018-1058
> 
> On 10/14/19 3:27 PM, Lizeth Solis Aramayo wrote:
>> Good afternoon,
>>
>> I am working with postgresql 9.6.15 and I need to restore in a 9.6.5
>> version,  I got an error, and  I found this page to install a patch
> 
> What commands did you use to dump the 9.6.15 version and restore to the
> 9.6.5 version?
> 
> Which versions software did you use to do above?
> 
> What was the error?
> 
> The reason why you can't upgrade the 9.6.5 to 9.6.15?
> 
> 
>>
>> https://www.postgresql.org/about/news/1834/
>>
>> CVE-2018-1058
>>
>> But I don't k now how to download the patch,  please may you help me?
>>
>> Thank you a lot.
>>
>> Lizeth Solis
>>
>> DBA - ELFEC S.A.
>>
> 
> --
> Adrian Klaver
> adrian.klaver@aklaver.com
> ____La información contenida en este mensaje esta dirigida en forma exclusiva para el uso personal y confidencial del
olos destinatarios arriba nombrados. Si el lector de este mensaje no es el destinatario previsto o una persona
responsablepara su distribución al destinatario, se le notifica que ha recibido este correo por error y que la
revisión,distribución, difusión o copia de este mensaje esta estrictamente prohibida. Si por error recibió esta
comunicación,por favor notifiquenos inmediatamente y borre el mensaje original. ____The information contained in this
messageis intended only for the personal and confidential use of the recipient(s) named above. If the reader of this
messageis not the intended recipient or an agent responsible for delivering it to the intended recipient, you are
herebynotified that you have received this document in error and that any review, dissemination, distribution, or
copyingof this message is strictly prohibited. If you have received this communication in error, please notify us
immediately,and delete the original message.
 
> 


-- 
Adrian Klaver
adrian.klaver@aklaver.com