29 matches found
SUSE: Security Advisory (SUSE-SU-2016:0677-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : postgresql-9.4.5-1.fc22 (2015-6d2a957a87)
update to 9.4.5 per release notes http://www.postgresql.org/docs/9.4/static/release-9-4-5.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...
SUSE SLED11 / SLES11 Security Update : postgresql94 (SUSE-SU-2016:0482-1)
This update of postgresql94 to 9.4.5 fixes the following issues : - CVE-2015-5289: json or jsonb input values constructed from arbitrary user input could have crashed the PostgreSQL server and caused a denial of service bsc949670 - CVE-2015-5288: crypt pgCrypto extension couldi potentially be...
SUSE-SU-2016:0482-1 Security update for postgresql94
This update of postgresql94 to 9.4.5 fixes the following issues: CVE-2015-5289: json or jsonb input values constructed from arbitrary user input could have crashed the PostgreSQL server and caused a denial of service bsc949670 CVE-2015-5288: crypt pgCrypto extension couldi potentially be exploite...
OpenMRS 2.3 (1.11.4) XML External Entity (XXE) Processing PoC Exploit
Summary OpenMRS is an application which enables design of a customized medical records system with no programming knowledge although medical and systems analysis knowledge is required. It is a common framework upon which medical informatics efforts in developing countries can be built. Descriptio...
RHEL 7 : postgresql (RHSA-2015:2078)
Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available f...
Scientific Linux Security Update : postgresql on SL7.x srpm/x86_64 (20151119)
A memory leak error was discovered in the crypt function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. CVE-2015-5288 A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain...
RedHat Update for postgresql RHSA-2015:2078-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for postgresql CESA-2015:2078 centos7
Check the version of postgresql SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882329";...
Moderate: Red Hat Security Advisory: postgresql security update
Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available f...
Oracle: Security Advisory (ELSA-2015-2078)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : postgresql (CESA-2015:2078)
Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available f...
Oracle Linux 7 : postgresql (ELSA-2015-2078)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2078 advisory. 9.2.14-1 - update to 9.2.14 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-14.html 9.2.13-1 - update to 9.2.13 per release not...
Moderate: Red Hat Security Advisory: postgresql92-postgresql security update
Updated postgresql92-postgresql packages that fix two security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...
Mageia: Security Advisory (MGASA-2015-0420)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : postgresql92 / postgresql93,postgresql94 (ALAS-2015-609)
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service server crash via unspecified vectors, which are not properly handled in 1 json or 2 jsonb values. CVE-2015-5289 The crypt function in...
Medium: postgresql92, postgresql93, postgresql94
Issue Overview: Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service server crash via unspecified vectors, which are not properly handled in 1 json or 2 jsonb values. CVE-2015-5289 The...
openSUSE Security Update : postgresql93 (openSUSE-2015-701)
postgresql93 was updated to version 9.3.10 to fix two security issues. These security issues were fixed : - CVE-2015-5288: Unchecked JSON input can crash the server bsc949669. - CVE-2015-5289: Memory leak in crypt function bsc949670. For the full release notes, please see:...
Updated postgresql packages fix security vulnerabilities
Josh Kupershmidt discovered the pgCrypto extension could expose several bytes of server memory if the crypt function was provided a too-short salt. An attacker could use this flaw to read private data. CVE-2015-5288 Oskari Saarenmaa discovered that the json and jsonb handlers could exhaust...
CVE-2015-5289
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service server crash via unspecified vectors, which are not properly handled in 1 json or 2 jsonb values...