CVE-2014-0061

Priority
Medium
Description
The validator functions for the procedural languages (PLs) in PostgreSQL
before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before
9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain
privileges via a function that is (1) defined in another language or (2)
not allowed to be directly called by the user due to permissions.
References
Bugs
Package
Upstream:released (9.1.12)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (9.1.12-0ubuntu0.12.04)
Ubuntu 14.04 LTS (Trusty Tahr):released (9.1.12-1)
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (9.3.3)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (9.3.3-1)
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:released (8.4.20)
Ubuntu 10.04 LTS (Lucid Lynx):released (8.4.20-0ubuntu010.04)
Ubuntu 12.04 LTS (Precise Pangolin):needed
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2014-08-21 02:14:14 UTC (commit 8398)