rss-bot
April 7th, 2009, 11:50 AM
Referenced CVEs:
CVE-2009-0922
Description:
================================================== ========= Ubuntu Security Notice USN-753-1 April 07, 2009 postgresql-8.1, postgresql-8.3 vulnerability CVE-2009-0922 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: postgresql-8.1 8.1.17-0ubuntu0.6.06.1 Ubuntu 8.04 LTS: postgresql-8.3 8.3.7-0ubuntu8.04.1 Ubuntu 8.10: postgresql-8.3 8.3.7-0ubuntu8.10.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that PostgreSQL did not properly handle encoding conversion failures. An attacker could exploit this by sending specially crafted requests to PostgreSQL, leading to a denial of service.
More... (http://www.ubuntu.com/usn/USN-753-1)
CVE-2009-0922
Description:
================================================== ========= Ubuntu Security Notice USN-753-1 April 07, 2009 postgresql-8.1, postgresql-8.3 vulnerability CVE-2009-0922 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: postgresql-8.1 8.1.17-0ubuntu0.6.06.1 Ubuntu 8.04 LTS: postgresql-8.3 8.3.7-0ubuntu8.04.1 Ubuntu 8.10: postgresql-8.3 8.3.7-0ubuntu8.10.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that PostgreSQL did not properly handle encoding conversion failures. An attacker could exploit this by sending specially crafted requests to PostgreSQL, leading to a denial of service.
More... (http://www.ubuntu.com/usn/USN-753-1)