Novell Home

CVE-2013-1899

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-1899 at MITRE

Description

Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration settings and execute arbitrary code, via a connection request using a database name that begins with a "-" (hyphen).

NVD CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

SUSE information

SUSE Bugzilla entry: 812525

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Studio Onsite 1.3
  • postgresql91-devel >= 9.1.9-0.3.1
Builds
SAT Patch Nr: 7585
SUSE Linux Enterprise Desktop 11 SP2
  • libecpg6 >= 9.1.9-0.3.1
  • libpq5 >= 9.1.9-0.3.1
  • postgresql91 >= 9.1.9-0.3.1
Builds
SAT Patch Nr: 7585
SUSE Linux Enterprise Desktop 11 SP2
  • libecpg6 >= 9.1.9-0.3.1
  • libpq5 >= 9.1.9-0.3.1
  • libpq5-32bit >= 9.1.9-0.3.1
  • postgresql91 >= 9.1.9-0.3.1
Builds
SAT Patch Nr: 7585
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libecpg6 >= 9.1.9-0.3.1
  • libpq5 >= 9.1.9-0.3.1
  • postgresql91 >= 9.1.9-0.3.1
  • postgresql91-contrib >= 9.1.9-0.3.1
  • postgresql91-docs >= 9.1.9-0.3.1
  • postgresql91-server >= 9.1.9-0.3.1
Builds
SAT Patch Nr: 7585
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libecpg6 >= 9.1.9-0.3.1
  • libpq5 >= 9.1.9-0.3.1
  • libpq5-32bit >= 9.1.9-0.3.1
  • postgresql91 >= 9.1.9-0.3.1
  • postgresql91-contrib >= 9.1.9-0.3.1
  • postgresql91-docs >= 9.1.9-0.3.1
  • postgresql91-server >= 9.1.9-0.3.1
Builds
SAT Patch Nr: 7585
SUSE Linux Enterprise Server 11 SP2
  • libecpg6 >= 9.1.9-0.3.1
  • libpq5 >= 9.1.9-0.3.1
  • libpq5-x86 >= 9.1.9-0.3.1
  • postgresql91 >= 9.1.9-0.3.1
  • postgresql91-contrib >= 9.1.9-0.3.1
  • postgresql91-docs >= 9.1.9-0.3.1
  • postgresql91-server >= 9.1.9-0.3.1
Builds
SAT Patch Nr: 7585
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libecpg6 >= 9.1.9-0.3.1
  • libpq5 >= 9.1.9-0.3.1
  • postgresql91 >= 9.1.9-0.3.1
  • postgresql91-contrib >= 9.1.9-0.3.1
  • postgresql91-docs >= 9.1.9-0.3.1
  • postgresql91-server >= 9.1.9-0.3.1
Builds
SAT Patch Nr: 7601
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libecpg6 >= 9.1.9-0.3.1
  • libpq5 >= 9.1.9-0.3.1
  • libpq5-32bit >= 9.1.9-0.3.1
  • postgresql91 >= 9.1.9-0.3.1
  • postgresql91-contrib >= 9.1.9-0.3.1
  • postgresql91-docs >= 9.1.9-0.3.1
  • postgresql91-server >= 9.1.9-0.3.1
Builds
SAT Patch Nr: 7601
openSUSE 12.3
  • libecpg6 >= 9.2.4-1.8.1
  • libecpg6-32bit >= 9.2.4-1.8.1
  • libecpg6-debuginfo >= 9.2.4-1.8.1
  • libecpg6-debuginfo-32bit >= 9.2.4-1.8.1
  • libpq5 >= 9.2.4-1.8.1
  • libpq5-32bit >= 9.2.4-1.8.1
  • libpq5-debuginfo >= 9.2.4-1.8.1
  • libpq5-debuginfo-32bit >= 9.2.4-1.8.1
  • postgresql92 >= 9.2.4-1.8.1
  • postgresql92-contrib >= 9.2.4-1.8.1
  • postgresql92-contrib-debuginfo >= 9.2.4-1.8.1
  • postgresql92-debuginfo >= 9.2.4-1.8.1
  • postgresql92-debugsource >= 9.2.4-1.8.1
  • postgresql92-devel >= 9.2.4-1.8.1
  • postgresql92-devel-debuginfo >= 9.2.4-1.8.1
  • postgresql92-docs >= 9.2.4-1.8.1
  • postgresql92-libs >= 9.2.4-1.8.1
  • postgresql92-libs-debugsource >= 9.2.4-1.8.1
  • postgresql92-plperl >= 9.2.4-1.8.1
  • postgresql92-plperl-debuginfo >= 9.2.4-1.8.1
  • postgresql92-plpython >= 9.2.4-1.8.1
  • postgresql92-plpython-debuginfo >= 9.2.4-1.8.1
  • postgresql92-pltcl >= 9.2.4-1.8.1
  • postgresql92-pltcl-debuginfo >= 9.2.4-1.8.1
  • postgresql92-server >= 9.2.4-1.8.1
  • postgresql92-server-debuginfo >= 9.2.4-1.8.1
Patchnames:
openSUSE-2013-306
openSUSE Evergreen 11.4
  • libecpg6 >= 9.0.13-31.1
  • libecpg6-debuginfo >= 9.0.13-31.1
  • libpq5 >= 9.0.13-31.1
  • libpq5-32bit >= 9.0.13-31.1
  • libpq5-debuginfo >= 9.0.13-31.1
  • libpq5-debuginfo-32bit >= 9.0.13-31.1
  • libpq5-debuginfo-x86 >= 9.0.13-31.1
  • libpq5-x86 >= 9.0.13-31.1
  • postgresql >= 9.0.13-31.1
  • postgresql-contrib >= 9.0.13-31.1
  • postgresql-contrib-debuginfo >= 9.0.13-31.1
  • postgresql-debuginfo >= 9.0.13-31.1
  • postgresql-debugsource >= 9.0.13-31.1
  • postgresql-devel >= 9.0.13-31.1
  • postgresql-devel-debuginfo >= 9.0.13-31.1
  • postgresql-docs >= 9.0.13-31.1
  • postgresql-libs >= 9.0.13-31.1
  • postgresql-libs-debugsource >= 9.0.13-31.1
  • postgresql-plperl >= 9.0.13-31.1
  • postgresql-plperl-debuginfo >= 9.0.13-31.1
  • postgresql-plpython >= 9.0.13-31.1
  • postgresql-plpython-debuginfo >= 9.0.13-31.1
  • postgresql-pltcl >= 9.0.13-31.1
  • postgresql-pltcl-debuginfo >= 9.0.13-31.1
  • postgresql-server >= 9.0.13-31.1
  • postgresql-server-debuginfo >= 9.0.13-31.1
Patchnames:
2013-59

© 2015 Novell