Описание
ELSA-2014-0249: postgresql security update (IMPORTANT)
[8.1.23-10]
- related #1065840: CVE-2014-0062
[8.1.23-9]
- fix #1065840: CVE-2014-0060, CVE-2014-0061, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065
- better incorporate strlcpy function (upstream git diff c92f7e..062421)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
postgresql
8.1.23-10.el5_10
postgresql-contrib
8.1.23-10.el5_10
postgresql-devel
8.1.23-10.el5_10
postgresql-docs
8.1.23-10.el5_10
postgresql-libs
8.1.23-10.el5_10
postgresql-pl
8.1.23-10.el5_10
postgresql-python
8.1.23-10.el5_10
postgresql-server
8.1.23-10.el5_10
postgresql-tcl
8.1.23-10.el5_10
postgresql-test
8.1.23-10.el5_10
Oracle Linux x86_64
postgresql
8.1.23-10.el5_10
postgresql-contrib
8.1.23-10.el5_10
postgresql-devel
8.1.23-10.el5_10
postgresql-docs
8.1.23-10.el5_10
postgresql-libs
8.1.23-10.el5_10
postgresql-pl
8.1.23-10.el5_10
postgresql-python
8.1.23-10.el5_10
postgresql-server
8.1.23-10.el5_10
postgresql-tcl
8.1.23-10.el5_10
postgresql-test
8.1.23-10.el5_10
Oracle Linux i386
postgresql
8.1.23-10.el5_10
postgresql-contrib
8.1.23-10.el5_10
postgresql-devel
8.1.23-10.el5_10
postgresql-docs
8.1.23-10.el5_10
postgresql-libs
8.1.23-10.el5_10
postgresql-pl
8.1.23-10.el5_10
postgresql-python
8.1.23-10.el5_10
postgresql-server
8.1.23-10.el5_10
postgresql-tcl
8.1.23-10.el5_10
postgresql-test
8.1.23-10.el5_10
Ссылки на источники
Связанные уязвимости
ELSA-2014-0211: postgresql84 and postgresql security update (IMPORTANT)
Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
Multiple integer overflows in the path_in and other unspecified functi ...