Debian Security Advisory
DSA-2630-1 postgresql-8.4 -- programming error
- Date Reported:
- 20 Feb 2013
- Affected Packages:
- postgresql-8.4
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2013-0255.
- More information:
-
Sumit Soni discovered that PostgreSQL, an object-relational SQL database, could be forced to crash when an internal function was called with invalid arguments, resulting in denial of service.
For the stable distribution (squeeze), this problem has been fixed in version 8.4.16-0squeeze1.
For the testing distribution (wheezy), this problem has been fixed in version 8.4.16-1.
For the unstable distribution (sid), this problem has been fixed in version 8.4.16-1.
We recommend that you upgrade your postgresql-8.4 packages.