Security Information / 2013 / Security Information -- DSA-2630-1 postgresql-8.4

Debian Security Advisory

DSA-2630-1 postgresql-8.4 -- programming error

Date Reported:

20 Feb 2013

Affected Packages:

postgresql-8.4

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2013-0255.

More information:

Sumit Soni discovered that PostgreSQL, an object-relational SQL database, could be forced to crash when an internal function was called with invalid arguments, resulting in denial of service.

For the stable distribution (squeeze), this problem has been fixed in version 8.4.16-0squeeze1.

For the testing distribution (wheezy), this problem has been fixed in version 8.4.16-1.

For the unstable distribution (sid), this problem has been fixed in version 8.4.16-1.

We recommend that you upgrade your postgresql-8.4 packages.