6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.028 Low
EPSS
Percentile
90.6%
CentOS Errata and Security Advisory CESA-2015:2081
PostgreSQL is an advanced object-relational database management system
(DBMS).
A memory leak error was discovered in the crypt() function of the pgCrypto
extension. An authenticated attacker could possibly use this flaw to
disclose a limited amount of the server memory. (CVE-2015-5288)
All PostgreSQL users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. If the postgresql
service is running, it will be automatically restarted after installing
this update.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2015-November/083666.html
Affected packages:
postgresql
postgresql-contrib
postgresql-devel
postgresql-docs
postgresql-libs
postgresql-plperl
postgresql-plpython
postgresql-pltcl
postgresql-server
postgresql-test
Upstream details at:
https://access.redhat.com/errata/RHSA-2015:2081
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | postgresql | < 8.4.20-4.el6_7 | postgresql-8.4.20-4.el6_7.i686.rpm |
CentOS | 6 | i686 | postgresql-contrib | < 8.4.20-4.el6_7 | postgresql-contrib-8.4.20-4.el6_7.i686.rpm |
CentOS | 6 | i686 | postgresql-devel | < 8.4.20-4.el6_7 | postgresql-devel-8.4.20-4.el6_7.i686.rpm |
CentOS | 6 | i686 | postgresql-docs | < 8.4.20-4.el6_7 | postgresql-docs-8.4.20-4.el6_7.i686.rpm |
CentOS | 6 | i686 | postgresql-libs | < 8.4.20-4.el6_7 | postgresql-libs-8.4.20-4.el6_7.i686.rpm |
CentOS | 6 | i686 | postgresql-plperl | < 8.4.20-4.el6_7 | postgresql-plperl-8.4.20-4.el6_7.i686.rpm |
CentOS | 6 | i686 | postgresql-plpython | < 8.4.20-4.el6_7 | postgresql-plpython-8.4.20-4.el6_7.i686.rpm |
CentOS | 6 | i686 | postgresql-pltcl | < 8.4.20-4.el6_7 | postgresql-pltcl-8.4.20-4.el6_7.i686.rpm |
CentOS | 6 | i686 | postgresql-server | < 8.4.20-4.el6_7 | postgresql-server-8.4.20-4.el6_7.i686.rpm |
CentOS | 6 | i686 | postgresql-test | < 8.4.20-4.el6_7 | postgresql-test-8.4.20-4.el6_7.i686.rpm |