CVE-2014-0066

Priority
Medium
Description
The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16,
9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not
properly check the return value of the crypt library function, which allows
remote authenticated users to cause a denial of service (NULL pointer
dereference and crash) via unspecified vectors.
References
Bugs
Package
Upstream:released (9.1.12)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (9.1.12-0ubuntu0.12.04)
Ubuntu 12.10 (Quantal Quetzal):released (9.1.12-0ubuntu0.12.10)
Ubuntu 13.10 (Saucy Salamander):released (9.1.12-0ubuntu0.13.10)
Ubuntu 14.04 LTS (Trusty Tahr):released (9.1.12-1)
Package
Upstream:released (9.3.3)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (9.3.3-1)
Package
Upstream:released (8.4.20)
Ubuntu 10.04 LTS (Lucid Lynx):released (8.4.20-0ubuntu010.04)
Ubuntu 12.04 LTS (Precise Pangolin):needed
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2014-04-18 13:18:41 UTC (commit 7949)