postgresql is vulnerable to denial of service (DoS). The vulnerability exists in PostgreSQL’s regular expression engine. An authenticated attacker could use these flaws to cause a denial of service by causing the PostgreSQL server to crash, enter an infinite loop, or use extensive CPU and memory resources while processing queries containing specially crafted regular expressions. Applications that accept regular expressions from untrusted sources may expose this problem to unauthorized attackers.
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
secunia.com/advisories/28359
secunia.com/advisories/28376
secunia.com/advisories/28437
secunia.com/advisories/28438
secunia.com/advisories/28454
secunia.com/advisories/28455
secunia.com/advisories/28464
secunia.com/advisories/28477
secunia.com/advisories/28479
secunia.com/advisories/28679
secunia.com/advisories/28698
secunia.com/advisories/29638
security.gentoo.org/glsa/glsa-200801-15.xml
securitytracker.com/id?1019157
sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
www.debian.org/security/2008/dsa-1460
www.debian.org/security/2008/dsa-1463
www.mandriva.com/security/advisories?name=MDVSA-2008:004
www.postgresql.org/about/news.905
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2008-0038.html
www.redhat.com/support/errata/RHSA-2008-0040.html
www.securityfocus.com/archive/1/485864/100/0/threaded
www.securityfocus.com/archive/1/486407/100/0/threaded
www.securityfocus.com/bid/27163
www.vupen.com/english/advisories/2008/0061
www.vupen.com/english/advisories/2008/0109
www.vupen.com/english/advisories/2008/1071/references
access.redhat.com/errata/RHSA-2008:0038
exchange.xforce.ibmcloud.com/vulnerabilities/39499
issues.rpath.com/browse/RPL-1768
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804
usn.ubuntu.com/568-1/
www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html