6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
0.025 Low
EPSS
Percentile
88.6%
PostgreSQL is an advanced object-relational database management system
(DBMS).
A memory leak error was discovered in the crypt() function of the pgCrypto
extension. An authenticated attacker could possibly use this flaw to
disclose a limited amount of the server memory. (CVE-2015-5288)
All PostgreSQL users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. If the postgresql
service is running, it will be automatically restarted after installing
this update.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | postgresql-plpython | < 8.4.20-4.el6_7 | postgresql-plpython-8.4.20-4.el6_7.x86_64.rpm |
RedHat | 6 | i686 | postgresql-plperl | < 8.4.20-4.el6_7 | postgresql-plperl-8.4.20-4.el6_7.i686.rpm |
RedHat | 6 | s390 | postgresql | < 8.4.20-4.el6_7 | postgresql-8.4.20-4.el6_7.s390.rpm |
RedHat | 6 | x86_64 | postgresql-devel | < 8.4.20-4.el6_7 | postgresql-devel-8.4.20-4.el6_7.x86_64.rpm |
RedHat | 6 | ppc64 | postgresql-contrib | < 8.4.20-4.el6_7 | postgresql-contrib-8.4.20-4.el6_7.ppc64.rpm |
RedHat | 6 | ppc | postgresql | < 8.4.20-4.el6_7 | postgresql-8.4.20-4.el6_7.ppc.rpm |
RedHat | 6 | i686 | postgresql | < 8.4.20-4.el6_7 | postgresql-8.4.20-4.el6_7.i686.rpm |
RedHat | 6 | s390x | postgresql-devel | < 8.4.20-4.el6_7 | postgresql-devel-8.4.20-4.el6_7.s390x.rpm |
RedHat | 6 | ppc64 | postgresql-server | < 8.4.20-4.el6_7 | postgresql-server-8.4.20-4.el6_7.ppc64.rpm |
RedHat | 6 | x86_64 | postgresql-server | < 8.4.20-4.el6_7 | postgresql-server-8.4.20-4.el6_7.x86_64.rpm |