Upstream information

CVE-2006-5540 at MITRE

Description

backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization."

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4
Vector AV:N/AC:L/Au:S/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication Single
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 215312 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 for x86
Open Enterprise Server
  • postgresql >= 7.4.13-0.7
  • postgresql-contrib >= 7.4.13-0.7
  • postgresql-devel >= 7.4.13-0.7
  • postgresql-docs >= 7.4.13-0.7
  • postgresql-libs >= 7.4.13-0.7
  • postgresql-pl >= 7.4.13-0.7
  • postgresql-server >= 7.4.13-0.7
sles9-oes.x86
sles10.s390x
core9.s390
sles10.x86
ZYPP Patch Nr: 2276
Novell Linux Desktop 9 for x86_64
  • postgresql >= 7.4.13-0.7
  • postgresql-contrib >= 7.4.13-0.7
  • postgresql-devel >= 7.4.13-0.7
  • postgresql-docs >= 7.4.13-0.7
  • postgresql-libs >= 7.4.13-0.7
  • postgresql-libs-32bit >= 9-200611160118
  • postgresql-pl >= 7.4.13-0.7
  • postgresql-server >= 7.4.13-0.7
sles9-oes.x86
sles10.s390x
core9.s390
sles10.x86
ZYPP Patch Nr: 2276
SUSE LINUX 10.0
  • postgresql >= 8.0.8-0.4
  • postgresql-contrib >= 8.0.8-0.4
  • postgresql-devel >= 8.0.8-0.4
  • postgresql-docs >= 8.0.8-0.4
  • postgresql-libs >= 8.0.8-0.4
  • postgresql-libs-32bit >= 8.0.8-0.4
  • postgresql-libs-64bit >= 8.0.8-0.4
  • postgresql-pl >= 8.0.8-0.4
  • postgresql-server >= 8.0.8-0.4
SUSE LINUX 9.3
  • postgresql >= 8.0.8-0.4
  • postgresql-contrib >= 8.0.8-0.4
  • postgresql-devel >= 8.0.8-0.4
  • postgresql-docs >= 8.0.8-0.4
  • postgresql-libs >= 8.0.8-0.4
  • postgresql-libs-32bit >= 9.3-7.4
  • postgresql-pl >= 8.0.8-0.4
  • postgresql-server >= 8.0.8-0.4