(RHSA-2016:1060) Important: postgresql92-postgresql security update

2016-05-12T18:43:21
ID RHSA-2016:1060
Type redhat
Reporter RedHat
Modified 2018-06-07T09:02:35

Description

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

  • An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773)

Red Hat would like to thank PostgreSQL upstream for reporting this issue. Upstream acknowledges Tom Lane and Greg Stark as the original reporters.