Описание
ELSA-2015-1194: postgresql security update (MODERATE)
[9.2.13-1]
- update to 9.2.13 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-13.html
[9.2.12-1]
- update to 9.2.12 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-12.html
[9.2.11-1]
- update to 9.2.11 per release notes http://www.postgresql.org/docs/9.2/static/release-9-2-11.html
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
postgresql
8.4.20-3.el6_6
postgresql-contrib
8.4.20-3.el6_6
postgresql-devel
8.4.20-3.el6_6
postgresql-docs
8.4.20-3.el6_6
postgresql-libs
8.4.20-3.el6_6
postgresql-plperl
8.4.20-3.el6_6
postgresql-plpython
8.4.20-3.el6_6
postgresql-pltcl
8.4.20-3.el6_6
postgresql-server
8.4.20-3.el6_6
postgresql-test
8.4.20-3.el6_6
Oracle Linux i686
postgresql
8.4.20-3.el6_6
postgresql-contrib
8.4.20-3.el6_6
postgresql-devel
8.4.20-3.el6_6
postgresql-docs
8.4.20-3.el6_6
postgresql-libs
8.4.20-3.el6_6
postgresql-plperl
8.4.20-3.el6_6
postgresql-plpython
8.4.20-3.el6_6
postgresql-pltcl
8.4.20-3.el6_6
postgresql-server
8.4.20-3.el6_6
postgresql-test
8.4.20-3.el6_6
Oracle Linux 7
Oracle Linux x86_64
postgresql
9.2.13-1.el7_1
postgresql-contrib
9.2.13-1.el7_1
postgresql-devel
9.2.13-1.el7_1
postgresql-docs
9.2.13-1.el7_1
postgresql-libs
9.2.13-1.el7_1
postgresql-plperl
9.2.13-1.el7_1
postgresql-plpython
9.2.13-1.el7_1
postgresql-pltcl
9.2.13-1.el7_1
postgresql-server
9.2.13-1.el7_1
postgresql-test
9.2.13-1.el7_1
postgresql-upgrade
9.2.13-1.el7_1
Связанные CVE
Связанные уязвимости
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.