Upstream information

CVE-2012-2655 at MITRE

Description

PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.00
Vector AV:N/AC:L/Au:S/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication Single
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 765069 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • libecpg6 >= 9.3.5-2.3
  • libpq5 >= 9.3.5-2.3
  • libpq5-32bit >= 9.3.5-2.3
  • postgresql93 >= 9.3.5-2.24
Patchnames:
SUSE Linux Enterprise Desktop 12 GA libecpg6
SUSE Linux Enterprise Desktop 12 SP1
  • libecpg6 >= 9.4.5-4.1
  • libpq5 >= 9.4.5-4.1
  • libpq5-32bit >= 9.4.5-4.1
  • postgresql94 >= 9.4.5-4.5
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA libecpg6
SUSE Linux Enterprise Desktop 12 SP2
  • libecpg6 >= 9.4.9-14.1
  • libpq5 >= 9.4.9-14.1
  • libpq5-32bit >= 9.4.9-14.1
  • postgresql94 >= 9.4.9-14.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA libecpg6
SUSE Linux Enterprise Server 12 SP2
  • libecpg6 >= 9.4.9-14.1
  • libpq5 >= 9.4.9-14.1
  • libpq5-32bit >= 9.4.9-14.1
  • postgresql94 >= 9.4.9-14.1
  • postgresql94-contrib >= 9.4.9-14.1
  • postgresql94-docs >= 9.4.9-14.1
  • postgresql94-server >= 9.4.9-14.1
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA libecpg6
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise Desktop 11 SP2
  • postgresql >= 8.3.20-0.4.1
  • postgresql-init >= 9.1-0.6.10.1
sles11-sp1-vmware.x86-64
sled11-sp1.x86-64
sles11-sp2.ppc
sled11-sp2.x86-64
sles11-sp2.s390x
sles11-sp1.x86-64
sles11-sp1.ia64
sles11-sp1.s390x
sles11-sp1.ppc
sled11-sp1.x86
sles11-sp2.x86
sles11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.x86
sles11-sp2.ia64
sled11-sp2.x86
SAT Patch Nr: 6697
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP2
  • postgresql >= 8.3.20-0.4.1
  • postgresql-contrib >= 8.3.20-0.4.1
  • postgresql-docs >= 8.3.20-0.4.1
  • postgresql-init >= 9.1-0.6.10.1
  • postgresql-server >= 8.3.20-0.4.1
sles11-sp1-vmware.x86-64
sled11-sp1.x86-64
sles11-sp2.ppc
sled11-sp2.x86-64
sles11-sp2.s390x
sles11-sp1.x86-64
sles11-sp1.ia64
sles11-sp1.s390x
sles11-sp1.ppc
sled11-sp1.x86
sles11-sp2.x86
sles11-sp2.x86-64
sles11-sp1-vmware.x86
sles11-sp1.x86
sles11-sp2.ia64
sled11-sp2.x86
SAT Patch Nr: 6697
SUSE Linux Enterprise Desktop 10 SP4 for x86
  • postgresql-devel >= 8.1.23-0.11.1
  • postgresql-libs >= 8.1.23-0.11.1
sle10-sp4-sdk.ia64
sles10-sp4.x86-64
sles10-sp4.ia64
sle10-sp4-sdk.ppc
sled10-sp4.x86-64
sle10-sp4-sdk.s390x
sle10-sp4-sdk.x86-64
sled10-sp4.x86
sles10-sp4.s390x
sle10-sp4-sdk.x86
sles10-sp4.ppc
sles10-sp4.x86
ZYPP Patch Nr: 8311
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
  • postgresql-devel >= 8.1.23-0.11.1
  • postgresql-libs >= 8.1.23-0.11.1
  • postgresql-libs-32bit >= 8.1.23-0.11.1
sle10-sp4-sdk.ia64
sles10-sp4.x86-64
sles10-sp4.ia64
sle10-sp4-sdk.ppc
sled10-sp4.x86-64
sle10-sp4-sdk.s390x
sle10-sp4-sdk.x86-64
sled10-sp4.x86
sles10-sp4.s390x
sle10-sp4-sdk.x86
sles10-sp4.ppc
sles10-sp4.x86
ZYPP Patch Nr: 8311
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for X86-64
SLE SDK 10 SP4 for x86
  • postgresql >= 8.1.23-0.11.1
  • postgresql-contrib >= 8.1.23-0.11.1
  • postgresql-devel >= 8.1.23-0.11.1
  • postgresql-docs >= 8.1.23-0.11.1
  • postgresql-pl >= 8.1.23-0.11.1
  • postgresql-server >= 8.1.23-0.11.1
sle10-sp4-sdk.ia64
sles10-sp4.x86-64
sles10-sp4.ia64
sle10-sp4-sdk.ppc
sled10-sp4.x86-64
sle10-sp4-sdk.s390x
sle10-sp4-sdk.x86-64
sled10-sp4.x86
sles10-sp4.s390x
sle10-sp4-sdk.x86
sles10-sp4.ppc
sles10-sp4.x86
ZYPP Patch Nr: 8311
SUSE Linux Enterprise Server 10 SP4 for x86
  • postgresql >= 8.1.23-0.11.1
  • postgresql-contrib >= 8.1.23-0.11.1
  • postgresql-devel >= 8.1.23-0.11.1
  • postgresql-docs >= 8.1.23-0.11.1
  • postgresql-libs >= 8.1.23-0.11.1
  • postgresql-pl >= 8.1.23-0.11.1
  • postgresql-server >= 8.1.23-0.11.1
sle10-sp4-sdk.ia64
sles10-sp4.x86-64
sles10-sp4.ia64
sle10-sp4-sdk.ppc
sled10-sp4.x86-64
sle10-sp4-sdk.s390x
sle10-sp4-sdk.x86-64
sled10-sp4.x86
sles10-sp4.s390x
sle10-sp4-sdk.x86
sles10-sp4.ppc
sles10-sp4.x86
ZYPP Patch Nr: 8311
SUSE Linux Enterprise Server 10 SP4 for IPF
  • postgresql >= 8.1.23-0.11.1
  • postgresql-contrib >= 8.1.23-0.11.1
  • postgresql-devel >= 8.1.23-0.11.1
  • postgresql-docs >= 8.1.23-0.11.1
  • postgresql-libs >= 8.1.23-0.11.1
  • postgresql-libs-x86 >= 8.1.23-0.11.1
  • postgresql-pl >= 8.1.23-0.11.1
  • postgresql-server >= 8.1.23-0.11.1
sle10-sp4-sdk.ia64
sles10-sp4.x86-64
sles10-sp4.ia64
sle10-sp4-sdk.ppc
sled10-sp4.x86-64
sle10-sp4-sdk.s390x
sle10-sp4-sdk.x86-64
sled10-sp4.x86
sles10-sp4.s390x
sle10-sp4-sdk.x86
sles10-sp4.ppc
sles10-sp4.x86
ZYPP Patch Nr: 8311
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
  • postgresql >= 8.1.23-0.11.1
  • postgresql-contrib >= 8.1.23-0.11.1
  • postgresql-devel >= 8.1.23-0.11.1
  • postgresql-docs >= 8.1.23-0.11.1
  • postgresql-libs >= 8.1.23-0.11.1
  • postgresql-libs-64bit >= 8.1.23-0.11.1
  • postgresql-pl >= 8.1.23-0.11.1
  • postgresql-server >= 8.1.23-0.11.1
sle10-sp4-sdk.ia64
sles10-sp4.x86-64
sles10-sp4.ia64
sle10-sp4-sdk.ppc
sled10-sp4.x86-64
sle10-sp4-sdk.s390x
sle10-sp4-sdk.x86-64
sled10-sp4.x86
sles10-sp4.s390x
sle10-sp4-sdk.x86
sles10-sp4.ppc
sles10-sp4.x86
ZYPP Patch Nr: 8311
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
  • postgresql >= 8.1.23-0.11.1
  • postgresql-contrib >= 8.1.23-0.11.1
  • postgresql-devel >= 8.1.23-0.11.1
  • postgresql-docs >= 8.1.23-0.11.1
  • postgresql-libs >= 8.1.23-0.11.1
  • postgresql-libs-32bit >= 8.1.23-0.11.1
  • postgresql-pl >= 8.1.23-0.11.1
  • postgresql-server >= 8.1.23-0.11.1
sle10-sp4-sdk.ia64
sles10-sp4.x86-64
sles10-sp4.ia64
sle10-sp4-sdk.ppc
sled10-sp4.x86-64
sle10-sp4-sdk.s390x
sle10-sp4-sdk.x86-64
sled10-sp4.x86
sles10-sp4.s390x
sle10-sp4-sdk.x86
sles10-sp4.ppc
sles10-sp4.x86
ZYPP Patch Nr: 8311
openSUSE 11.4
  • libecpg6 >= 9.0.10-17.1
  • libecpg6-debuginfo >= 9.0.10-17.1
  • libpq5 >= 9.0.10-17.1
  • libpq5-32bit >= 9.0.10-17.1
  • libpq5-debuginfo >= 9.0.10-17.1
  • libpq5-debuginfo-32bit >= 9.0.10-17.1
  • libpq5-debuginfo-x86 >= 9.0.10-17.1
  • libpq5-x86 >= 9.0.10-17.1
  • postgresql >= 9.0.10-17.1
  • postgresql-contrib >= 9.0.10-17.1
  • postgresql-contrib-debuginfo >= 9.0.10-17.1
  • postgresql-debuginfo >= 9.0.10-17.1
  • postgresql-debugsource >= 9.0.10-17.1
  • postgresql-devel >= 9.0.10-17.1
  • postgresql-devel-debuginfo >= 9.0.10-17.1
  • postgresql-docs >= 9.0.10-17.1
  • postgresql-libs >= 9.0.10-17.1
  • postgresql-libs-debugsource >= 9.0.10-17.1
  • postgresql-plperl >= 9.0.10-17.1
  • postgresql-plperl-debuginfo >= 9.0.10-17.1
  • postgresql-plpython >= 9.0.10-17.1
  • postgresql-plpython-debuginfo >= 9.0.10-17.1
  • postgresql-pltcl >= 9.0.10-17.1
  • postgresql-pltcl-debuginfo >= 9.0.10-17.1
  • postgresql-server >= 9.0.10-17.1
  • postgresql-server-debuginfo >= 9.0.10-17.1
Patchnames:
openSUSE-2012-675
openSUSE 13.2
  • libecpg6 >= 9.3.5-2.1.14
  • libpq5 >= 9.3.5-2.1.14
  • libpq5-32bit >= 9.3.5-2.1.14
  • postgresql93 >= 9.3.5-2.1.14
  • postgresql93-contrib >= 9.3.5-2.1.14
  • postgresql93-devel >= 9.3.5-2.1.14
  • postgresql93-docs >= 9.3.5-2.1.14
  • postgresql93-server >= 9.3.5-2.1.14
Patchnames:
openSUSE 13.2 GA libecpg6
openSUSE Leap 42.1
  • libecpg6 >= 9.4.5-1.1
  • libpq5 >= 9.4.5-1.1
  • libpq5-32bit >= 9.4.5-1.1
  • postgresql94 >= 9.4.5-1.2
  • postgresql94-contrib >= 9.4.5-1.2
  • postgresql94-devel >= 9.4.5-1.1
  • postgresql94-docs >= 9.4.5-1.2
  • postgresql94-server >= 9.4.5-1.2
Patchnames:
openSUSE Leap 42.1 GA libecpg6
openSUSE Leap 42.2
  • libecpg6 >= 9.4.9-8.1
  • libpq5 >= 9.4.9-8.1
  • postgresql93-docs >= 9.3.11-4.1
  • postgresql94 >= 9.4.9-8.1
  • postgresql94-contrib >= 9.4.9-8.1
  • postgresql94-devel >= 9.4.9-8.1
  • postgresql94-docs >= 9.4.9-8.1
  • postgresql94-server >= 9.4.9-8.1
Patchnames:
openSUSE Leap 42.2 GA libecpg6
openSUSE Leap 42.2 GA postgresql93-docs