PostgreSQL contains buffer overflow flaws. A remotely authenticated user is able to affect confidentiality, integrity and availability via vectors related to the functions hstore_recv
, hstore_from_arrays
and hstore_from_array
in contrib/hstore/hstore_io.c
due to integer overflow.
rhn.redhat.com/errata/RHSA-2014-0221.html
rhn.redhat.com/errata/RHSA-2014-0469.html
wiki.postgresql.org/wiki/20140220securityrelease
www.debian.org/security/2014/dsa-2864
www.debian.org/security/2014/dsa-2865
www.postgresql.org/about/news/1506/
www.postgresql.org/support/security/
access.redhat.com/security/updates/classification/#important
access.redhat.com/site/documentation/en-US/CloudForms/3.0/html/Management_Engine_5.2_Technical_Notes/index.html
github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a
rhn.redhat.com/errata/RHSA-2014-0469.html