Novell Home

CVE-2014-0063

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2014-0063 at MITRE

Description

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.

NVD CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entries: 864850, 864856

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • postgresql91-debuginfo >= 9.1.12-0.3.1
  • postgresql91-libs-debuginfo >= 9.1.12-0.3.1
Builds
SAT Patch Nr: 8969
SUSE Linux Enterprise Software Development Kit 11 SP3
  • postgresql91-devel >= 9.1.12-0.3.1
Builds
SAT Patch Nr: 8970
SUSE Linux Enterprise Desktop 11 SP3
  • libecpg6 >= 9.1.12-0.3.1
  • libpq5 >= 9.1.12-0.3.1
  • postgresql91 >= 9.1.12-0.3.1
  • postgresql91-docs >= 9.1.12-0.3.1
Builds
SAT Patch Nr: 8970
SUSE Linux Enterprise Desktop 11 SP3
  • libecpg6 >= 9.1.12-0.3.1
  • libpq5 >= 9.1.12-0.3.1
  • libpq5-32bit >= 9.1.12-0.3.1
  • postgresql91 >= 9.1.12-0.3.1
  • postgresql91-docs >= 9.1.12-0.3.1
Builds
SAT Patch Nr: 8970
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libecpg6 >= 9.1.12-0.3.1
  • libpq5 >= 9.1.12-0.3.1
  • postgresql91 >= 9.1.12-0.3.1
  • postgresql91-contrib >= 9.1.12-0.3.1
  • postgresql91-docs >= 9.1.12-0.3.1
  • postgresql91-server >= 9.1.12-0.3.1
Builds
SAT Patch Nr: 8970
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libecpg6 >= 9.1.12-0.3.1
  • libpq5 >= 9.1.12-0.3.1
  • libpq5-32bit >= 9.1.12-0.3.1
  • postgresql91 >= 9.1.12-0.3.1
  • postgresql91-contrib >= 9.1.12-0.3.1
  • postgresql91-docs >= 9.1.12-0.3.1
  • postgresql91-server >= 9.1.12-0.3.1
Builds
SAT Patch Nr: 8970

List of products where fixes are in QA

© 2014 Novell