rhsa-2015_0856
Vulnerability from csaf_redhat
Published
2015-04-20 09:46
Modified
2024-11-14 16:30
Summary
Red Hat Security Advisory: postgresql92-postgresql security update
Notes
Topic
Updated postgresql packages that fix multiple security issues are now
available for Red Hat Satellite 5.7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
PostgreSQL is an advanced object-relational database management system
(DBMS).
An information leak flaw was found in the way the PostgreSQL database
server handled certain error messages. An authenticated database user could
possibly obtain the results of a query they did not have privileges to
execute by observing the constraint violation error messages produced when
the query was executed. (CVE-2014-8161)
A buffer overflow flaw was found in the way PostgreSQL handled certain
numeric formatting. An authenticated database user could use a specially
crafted timestamp formatting template to cause PostgreSQL to crash or,
under certain conditions, execute arbitrary code with the permissions of
the user running PostgreSQL. (CVE-2015-0241)
A stack-buffer overflow flaw was found in PostgreSQL's pgcrypto module.
An authenticated database user could use this flaw to cause PostgreSQL to
crash or, potentially, execute arbitrary code with the permissions of the
user running PostgreSQL. (CVE-2015-0243)
A flaw was found in the way PostgreSQL handled certain errors that were
generated during protocol synchronization. An authenticated database user
could use this flaw to inject queries into an existing connection.
(CVE-2015-0244)
Red Hat would like to thank the PostgreSQL project for reporting these
issues. Upstream acknowledges Stephen Frost as the original reporter of
CVE-2014-8161; Andres Freund, Peter Geoghegan, Bernd Helmle, and Noah Misch
as the original reporters of CVE-2015-0241; Marko Tiikkaja as the original
reporter of CVE-2015-0243; and Emil Lenngren as the original reporter of
CVE-2015-0244.
All PostgreSQL users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. If the postgresql
service is running, it will be automatically restarted after installing
this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated postgresql packages that fix multiple security issues are now\navailable for Red Hat Satellite 5.7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nAn information leak flaw was found in the way the PostgreSQL database\nserver handled certain error messages. An authenticated database user could\npossibly obtain the results of a query they did not have privileges to\nexecute by observing the constraint violation error messages produced when\nthe query was executed. (CVE-2014-8161)\n\nA buffer overflow flaw was found in the way PostgreSQL handled certain\nnumeric formatting. An authenticated database user could use a specially\ncrafted timestamp formatting template to cause PostgreSQL to crash or,\nunder certain conditions, execute arbitrary code with the permissions of\nthe user running PostgreSQL. (CVE-2015-0241)\n\nA stack-buffer overflow flaw was found in PostgreSQL\u0027s pgcrypto module.\nAn authenticated database user could use this flaw to cause PostgreSQL to\ncrash or, potentially, execute arbitrary code with the permissions of the\nuser running PostgreSQL. (CVE-2015-0243)\n\nA flaw was found in the way PostgreSQL handled certain errors that were\ngenerated during protocol synchronization. An authenticated database user\ncould use this flaw to inject queries into an existing connection.\n(CVE-2015-0244)\n\nRed Hat would like to thank the PostgreSQL project for reporting these\nissues. Upstream acknowledges Stephen Frost as the original reporter of\nCVE-2014-8161; Andres Freund, Peter Geoghegan, Bernd Helmle, and Noah Misch\nas the original reporters of CVE-2015-0241; Marko Tiikkaja as the original\nreporter of CVE-2015-0243; and Emil Lenngren as the original reporter of\nCVE-2015-0244.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the postgresql\nservice is running, it will be automatically restarted after installing\nthis update.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2015:0856", "url": "https://access.redhat.com/errata/RHSA-2015:0856" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1182043", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1182043" }, { "category": "external", "summary": "1188684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188684" }, { "category": "external", "summary": "1188689", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188689" }, { "category": "external", "summary": "1188694", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188694" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0856.json" } ], "title": "Red Hat Security Advisory: postgresql92-postgresql security update", "tracking": { "current_release_date": "2024-11-14T16:30:43+00:00", "generator": { "date": "2024-11-14T16:30:43+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2015:0856", "initial_release_date": "2015-04-20T09:46:03+00:00", "revision_history": [ { "date": "2015-04-20T09:46:03+00:00", "number": "1", "summary": "Initial version" }, { "date": "2015-04-20T09:46:03+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T16:30:43+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.7 (RHEL v.6)", "product": { "name": "Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.7::el6" } } }, { "category": "product_name", "name": "Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product": { "name": "Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite_managed_db:5.7::el6" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "product": { "name": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "product_id": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-upgrade@9.2.10-2.el6?arch=x86_64" } } }, { "category": "product_version", "name": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "product": { "name": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "product_id": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-pltcl@9.2.10-2.el6?arch=x86_64" } } }, { "category": "product_version", "name": "postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "product": { "name": "postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "product_id": "postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-server@9.2.10-2.el6?arch=x86_64" } } }, { "category": "product_version", "name": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "product": { "name": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "product_id": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-debuginfo@9.2.10-2.el6?arch=x86_64" } } }, { "category": "product_version", "name": "postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "product": { "name": "postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "product_id": "postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql@9.2.10-2.el6?arch=x86_64" } } }, { "category": "product_version", "name": "postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "product": { "name": "postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "product_id": "postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-libs@9.2.10-2.el6?arch=x86_64" } } }, { "category": "product_version", "name": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "product": { "name": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "product_id": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-contrib@9.2.10-2.el6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "postgresql92-postgresql-0:9.2.10-2.el6.s390x", "product": { "name": "postgresql92-postgresql-0:9.2.10-2.el6.s390x", "product_id": "postgresql92-postgresql-0:9.2.10-2.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql@9.2.10-2.el6?arch=s390x" } } }, { "category": "product_version", "name": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "product": { "name": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "product_id": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-pltcl@9.2.10-2.el6?arch=s390x" } } }, { "category": "product_version", "name": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "product": { "name": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "product_id": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-debuginfo@9.2.10-2.el6?arch=s390x" } } }, { "category": "product_version", "name": "postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "product": { "name": "postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "product_id": "postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-libs@9.2.10-2.el6?arch=s390x" } } }, { "category": "product_version", "name": "postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "product": { "name": "postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "product_id": "postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-server@9.2.10-2.el6?arch=s390x" } } }, { "category": "product_version", "name": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "product": { "name": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "product_id": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-upgrade@9.2.10-2.el6?arch=s390x" } } }, { "category": "product_version", "name": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "product": { "name": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "product_id": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql-contrib@9.2.10-2.el6?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "postgresql92-postgresql-0:9.2.10-2.el6.src", "product": { "name": "postgresql92-postgresql-0:9.2.10-2.el6.src", "product_id": "postgresql92-postgresql-0:9.2.10-2.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/postgresql92-postgresql@9.2.10-2.el6?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-0:9.2.10-2.el6.src as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src" }, "product_reference": "postgresql92-postgresql-0:9.2.10-2.el6.src", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-server-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite Managed DB 5.7 (RHEL v.6)", "product_id": "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-ManagedDB57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-0:9.2.10-2.el6.src as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src" }, "product_reference": "postgresql92-postgresql-0:9.2.10-2.el6.src", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-server-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x" }, "product_reference": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "relates_to_product_reference": "6Server-Satellite57" }, { "category": "default_component_of", "full_product_name": { "name": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)", "product_id": "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" }, "product_reference": "postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "relates_to_product_reference": "6Server-Satellite57" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "PostgreSQL project" ] }, { "names": [ "Stephen Frost" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2014-8161", "cwe": { "id": "CWE-300", "name": "Channel Accessible by Non-Endpoint" }, "discovery_date": "2015-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1182043" } ], "notes": [ { "category": "description", "text": "An information leak flaw was found in the wathe PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by observing the constraint violation error messages produced when the query was executed.", "title": "Vulnerability description" }, { "category": "summary", "text": "postgresql: information leak through constraint violation errors", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-8161" }, { "category": "external", "summary": "RHBZ#1182043", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1182043" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-8161", "url": "https://www.cve.org/CVERecord?id=CVE-2014-8161" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-8161", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8161" }, { "category": "external", "summary": "http://www.postgresql.org/about/news/1569/", "url": "http://www.postgresql.org/about/news/1569/" } ], "release_date": "2015-02-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-20T09:46:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0856" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "postgresql: information leak through constraint violation errors" }, { "acknowledgments": [ { "names": [ "PostgreSQL project" ] } ], "cve": "CVE-2015-0241", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2015-01-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1188684" } ], "notes": [ { "category": "description", "text": "A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user running PostgreSQL.", "title": "Vulnerability description" }, { "category": "summary", "text": "postgresql: buffer overflow in the to_char() function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0241" }, { "category": "external", "summary": "RHBZ#1188684", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188684" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0241", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0241" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0241", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0241" }, { "category": "external", "summary": "http://www.postgresql.org/about/news/1569/", "url": "http://www.postgresql.org/about/news/1569/" } ], "release_date": "2015-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-20T09:46:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0856" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "postgresql: buffer overflow in the to_char() function" }, { "acknowledgments": [ { "names": [ "PostgreSQL project" ] }, { "names": [ "Marko Tiikkaja" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2015-0243", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2015-01-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1188689" } ], "notes": [ { "category": "description", "text": "A stack-buffer overflow flaw was found in PostgreSQL\u0027s pgcrypto module. An authenticated database user could use this flaw to cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL.", "title": "Vulnerability description" }, { "category": "summary", "text": "postgresql: buffer overflow flaws in contrib/pgcrypto", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0243" }, { "category": "external", "summary": "RHBZ#1188689", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188689" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0243", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0243" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0243", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0243" }, { "category": "external", "summary": "http://www.postgresql.org/about/news/1569/", "url": "http://www.postgresql.org/about/news/1569/" } ], "release_date": "2015-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-20T09:46:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0856" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "postgresql: buffer overflow flaws in contrib/pgcrypto" }, { "acknowledgments": [ { "names": [ "PostgreSQL project" ] }, { "names": [ "Emil Lenngren" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2015-0244", "cwe": { "id": "CWE-300", "name": "Channel Accessible by Non-Endpoint" }, "discovery_date": "2015-01-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1188694" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way PostgreSQL handled certain errors that were generated during protocol synchronization. An authenticated database user could use this flaw to inject queries into an existing connection.", "title": "Vulnerability description" }, { "category": "summary", "text": "postgresql: loss of frontend/backend protocol synchronization after an error", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0244" }, { "category": "external", "summary": "RHBZ#1188694", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1188694" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0244", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0244" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0244", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0244" }, { "category": "external", "summary": "http://www.postgresql.org/about/news/1569/", "url": "http://www.postgresql.org/about/news/1569/" } ], "release_date": "2015-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-04-20T09:46:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0856" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-ManagedDB57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-ManagedDB57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.src", "6Server-Satellite57:postgresql92-postgresql-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-contrib-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-debuginfo-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-libs-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-pltcl-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-server-0:9.2.10-2.el6.x86_64", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.s390x", "6Server-Satellite57:postgresql92-postgresql-upgrade-0:9.2.10-2.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "postgresql: loss of frontend/backend protocol synchronization after an error" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.