[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-3269-1 postgresql-9.1 -- postgresql-9.1

ID: oval:org.secpod.oval:def:602109Date: (C)2015-06-04   (M)2023-07-28
Class: PATCHFamily: unix




Several vulnerabilities have been found in PostgreSQL-9.1, a SQL database system. CVE-2015-3165 SSL clients disconnecting just before the authentication timeout expires can cause the server to crash. CVE-2015-3166 The replacement implementation of snprintf failed to check for errors reported by the underlying system library calls; the main case that might be missed is out-of-memory situations. In the worst case this might lead to information exposure. CVE-2015-3167 In contrib/pgcrypto, some cases of decryption with an incorrect key could report other error message texts. Fix by using a one-size-fits-all message.

Platform:
Debian 8.x
Debian 7.x
Product:
postgresql-9.1
postgresql-plperl-9.1
Reference:
DSA-3269-1
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
CVE    3
CVE-2015-3167
CVE-2015-3166
CVE-2015-3165
CPE    30
cpe:/a:postgresql:postgresql:9.1.11
cpe:/o:debian:debian_linux:7.x
cpe:/a:postgresql:postgresql:9.1.12
cpe:/o:debian:debian_linux:8.x
...

© SecPod Technologies