Medium: postgresql8

Issue Overview: A flaw was found in the way the crypt password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string w...

Debian DSA-2491-1 : postgresql-8.4 - several vulnerabilities

Two vulnerabilities were discovered in PostgreSQL, a SQL database server : - CVE-2012-2143 The crypttext, text function in the pgcrypto contrib module did not handle certain passwords correctly when producing traditional DES-based hashes. Characters after the first 0x80 byte were ignored. -...

RedHat Update for postgresql RHSA-2012:1036-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for postgresql and postgresql84 RHSA-2012:1037-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

postgresql, postgresql84 security update

CentOS Errata and Security Advisory CESA-2012:1037 Updated postgresql84 and postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...

Mandriva Linux Security Advisory : postgresql (MDVSA-2012:092)

Multiple vulnerabilities has been discovered and corrected in postgresql : Fix incorrect password transformation in contrib/pgcrypto's DES crypt function Solar Designer. If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much...

[SECURITY] [DSA 2491-1] postgresql-8.4 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2491-1 [email protected] http://www.debian.org/security/ Florian Weimer June 09, 2012 http://www.debian.org/security/faq -...

DSA-2491-1 postgresql-8.4 - several

Bulletin has no description...

CentOS Update for postgresql CESA-2011:1377 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 4 / 5 : postgresql (CESA-2011:1377)

Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: postgresql84 security update

Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

USN-1229-1: PostgreSQL vulnerability

It was discovered that the blowfish algorithm in the pgcrypto module incorrectly handled certain 8-bit characters, resulting in the password hashes being easier to crack than expected. An attacker who could obtain the password hashes would be able to recover the plaintext with less effort...