Lucene search
GoogleOSV:DSA-3476-1HistoryFeb 13, 2016 - 12:00 a.m.
postgresql-9.4 - security update
2016-02-1300:00:00
Google
osv.dev
9
0.211 Low
EPSS
Percentile
96.4%
Several vulnerabilities have been found in PostgreSQL-9.4, a SQL
database system.
- CVE-2016-0766
A privilege escalation vulnerability for users of PL/Java was
discovered. Certain custom configuration settings (GUCs) for PL/Java
will now be modifiable only by the database superuser to mitigate
this issue. - CVE-2016-0773
Tom Lane and Greg Stark discovered a flaw in the way PostgreSQL
processes specially crafted regular expressions. Very large
character ranges in bracket expressions could cause infinite
loops or memory overwrites. A remote attacker can exploit this
flaw to cause a denial of service or, potentially, to execute
arbitrary code.
For the stable distribution (jessie), these problems have been fixed in
version 9.4.6-0+deb8u1.
We recommend that you upgrade your postgresql-9.4 packages.
References
Related
debian
debian
[SECURITY] [DSA 3476-1] postgresql-9.4 security update
2016-02-13 15:17:15
[SECURITY] [DSA 3476-1] postgresql-9.4 security update
2016-02-13 15:17:15
[SECURITY] [DSA 3475-1] postgresql-9.1 security update
2016-02-13 15:16:57
freebsd
freebsd
PostgreSQL -- Security Fixes for Regular Expressions, PL/Java.
2016-02-08 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3476-1)
2016-02-12 00:00:00
Ubuntu: Security Advisory (USN-2894-1)
2016-02-12 00:00:00
Debian Security Advisory DSA 3476-1 (postgresql-9.4 - security update)
2016-02-13 00:00:00
nessus
nessus
FreeBSD : PostgreSQL -- Security Fixes for Regular Expressions, PL/Java. (e8b6605b-d29f-11e5-8458-6cc21735f730)
2016-02-15 00:00:00
Debian DSA-3476-1 : postgresql-9.4 - security update
2016-02-15 00:00:00
Ubuntu 14.04 LTS : PostgreSQL vulnerabilities (USN-2894-1)
2016-02-12 00:00:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2016-02-11 00:00:00
kaspersky
kaspersky
KLA10761 Multiple vulnerabilities in PostgreSQL
2016-02-17 00:00:00
mageia
mageia
Updated postgresql packages fix security vulnerabilities
2016-03-02 21:28:46
suse
suse
Security update for postgresql93 (important)
2016-02-22 14:11:16
Security update for postgresql93 (important)
2016-02-21 11:11:04
Security update for postgresql94 (important)
2016-02-25 14:11:50
osv
osv
postgresql-9.1 - security update
2016-02-13 00:00:00
postgresql-8.4 - security update
2016-02-25 00:00:00
nvd
nvd
CVE-2016-0766
2016-02-17 15:59:01
CVE-2016-0773
2016-02-17 15:59:02
ubuntucve
ubuntucve
CVE-2016-0766
2016-02-11 00:00:00
CVE-2016-0773
2016-02-11 00:00:00
cvelist
cvelist
CVE-2016-0766
2016-02-17 15:00:00
CVE-2016-0773
2016-02-17 15:00:00
prion
prion
Code injection
2016-02-17 15:59:00
Buffer overflow
2016-02-17 15:59:00
cve
cve
CVE-2016-0766
2016-02-17 15:59:01
CVE-2016-0773
2016-02-17 15:59:02
centos
centos
postgresql security update
2016-03-02 17:36:01
postgresql security update
2016-03-02 18:06:35
postgresql
postgresql
Vulnerability in core server (CVE-2016-0773)
2016-02-17 15:59:00
redhat
redhat
(RHSA-2016:0346) Important: postgresql security update
2016-03-02 16:13:40
(RHSA-2016:1060) Important: postgresql92-postgresql security update
2016-05-12 14:43:21
(RHSA-2016:0347) Important: postgresql security update
2016-03-02 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: postgresql-9.4.6-1.fc23
2016-02-23 19:25:58
[SECURITY] Fedora 22 Update: postgresql-9.4.6-1.fc22
2016-02-25 08:57:16
oraclelinux
oraclelinux
postgresql security update
2016-03-02 00:00:00
postgresql security update
2016-03-02 00:00:00
huawei
huawei
Security Advisory - Buffer Overflow Vulnerability in The GaussDB
2017-05-31 00:00:00
amazon
amazon
Important: postgresql94, postgresql93, postgresql92
2016-03-10 16:30:00
Important: postgresql8
2016-04-21 16:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:10:21
ibm
ibm
gentoo
gentoo
PostgreSQL: Multiple vulnerabilities
2017-01-12 00:00:00