Lucene search

K
ubuntuUbuntuUSN-1461-1
HistoryJun 05, 2012 - 12:00 a.m.

PostgreSQL vulnerabilities

2012-06-0500:00:00
ubuntu.com
38

7.1 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.2%

Releases

  • Ubuntu 12.04
  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.04
  • Ubuntu 8.04

Packages

  • postgresql-8.3 - Object-relational SQL database
  • postgresql-8.4 - Object-relational SQL database
  • postgresql-9.1 - Object-relational SQL database

Details

It was discovered that PostgreSQL incorrectly handled certain bytes passed
to the crypt() function when using DES encryption. An attacker could use
this flaw to incorrectly handle authentication. (CVE-2012-2143)

It was discovered that PostgreSQL incorrectly handled SECURITY DEFINER and
SET attributes on procedural call handlers. An attacker could use this flaw
to cause PostgreSQL to crash, leading to a denial of service.
(CVE-2012-2655)

OSVersionArchitecturePackageVersionFilename
Ubuntu8.04noarchpostgresql-8.3< 8.3.19-0ubuntu8.04UNKNOWN
Ubuntu8.04noarchlibecpg-compat3< 8.3.19-0ubuntu8.04UNKNOWN
Ubuntu8.04noarchlibecpg-dev< 8.3.19-0ubuntu8.04UNKNOWN
Ubuntu8.04noarchlibecpg6< 8.3.19-0ubuntu8.04UNKNOWN
Ubuntu8.04noarchlibpgtypes3< 8.3.19-0ubuntu8.04UNKNOWN
Ubuntu8.04noarchlibpq-dev< 8.3.19-0ubuntu8.04UNKNOWN
Ubuntu8.04noarchlibpq5< 8.3.19-0ubuntu8.04UNKNOWN
Ubuntu8.04noarchpostgresql-client-8.3< 8.3.19-0ubuntu8.04UNKNOWN
Ubuntu8.04noarchpostgresql-contrib-8.3< 8.3.19-0ubuntu8.04UNKNOWN
Ubuntu8.04noarchpostgresql-plperl-8.3< 8.3.19-0ubuntu8.04UNKNOWN
Rows per page:
1-10 of 681