Novell Home

CVE-2013-0255

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-0255 at MITRE

Description

PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read.

NVD CVSS v2 Base Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)

Novell/SUSE information

Novell Bugzilla entry: 802679, 803057

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SP2 DEBUGINFO
  • postgresql91-debuginfo >= 9.1.8-0.5.1
  • postgresql91-debugsource >= 9.1.8-0.5.1
Builds
SAT Patch Nr: 7342
SUSE Linux Enterprise Software Development Kit 11 SP2
  • postgresql91-devel >= 9.1.8-0.5.1
Builds
SAT Patch Nr: 7342
SUSE Linux Enterprise Desktop 11 SP2
  • libecpg6 >= 9.1.8-0.5.1
  • libpq5 >= 9.1.8-0.5.1
  • postgresql91 >= 9.1.8-0.5.1
Builds
SAT Patch Nr: 7342
SUSE Linux Enterprise Desktop 11 SP2
  • libecpg6 >= 9.1.8-0.5.1
  • libpq5 >= 9.1.8-0.5.1
  • libpq5-32bit >= 9.1.8-0.5.1
  • postgresql91 >= 9.1.8-0.5.1
Builds
SAT Patch Nr: 7342
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libecpg6 >= 9.1.8-0.5.1
  • libpq5 >= 9.1.8-0.5.1
  • postgresql91 >= 9.1.8-0.5.1
  • postgresql91-contrib >= 9.1.8-0.5.1
  • postgresql91-docs >= 9.1.8-0.5.1
  • postgresql91-server >= 9.1.8-0.5.1
Builds
SAT Patch Nr: 7342
SUSE Linux Enterprise Server 11 SP2
  • libecpg6 >= 9.1.8-0.5.1
  • libpq5 >= 9.1.8-0.5.1
  • libpq5-x86 >= 9.1.8-0.5.1
  • postgresql91 >= 9.1.8-0.5.1
  • postgresql91-contrib >= 9.1.8-0.5.1
  • postgresql91-docs >= 9.1.8-0.5.1
  • postgresql91-server >= 9.1.8-0.5.1
Builds
SAT Patch Nr: 7342
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libecpg6 >= 9.1.8-0.5.1
  • libpq5 >= 9.1.8-0.5.1
  • libpq5-32bit >= 9.1.8-0.5.1
  • postgresql91 >= 9.1.8-0.5.1
  • postgresql91-contrib >= 9.1.8-0.5.1
  • postgresql91-docs >= 9.1.8-0.5.1
  • postgresql91-server >= 9.1.8-0.5.1
Builds
SAT Patch Nr: 7342
BDK 11 SP2
  • postgresql-devel >= 8.3.23-0.4.1
  • postgresql-libs >= 8.3.23-0.4.1
Builds
SAT Patch Nr: 7340
SLE 11 SP2 DEBUGINFO
  • postgresql-debuginfo >= 8.3.23-0.4.1
  • postgresql-debugsource >= 8.3.23-0.4.1
Builds
SAT Patch Nr: 7340
SUSE Linux Enterprise Desktop 11 SP2
  • postgresql >= 8.3.23-0.4.1
Builds
SAT Patch Nr: 7340
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • postgresql >= 8.3.23-0.4.1
  • postgresql-contrib >= 8.3.23-0.4.1
  • postgresql-docs >= 8.3.23-0.4.1
  • postgresql-server >= 8.3.23-0.4.1
Builds
SAT Patch Nr: 7340

© 2014 Novell