PublicDate: 2006-05-24 10:06:00 UTC
Candidate: CVE-2006-2313
References:
 https://ubuntu.com/security/notices/USN-288-1
 https://ubuntu.com/security/notices/USN-288-2
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2313
Description:
 PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13,
 7.3.x before 7.3.15, and earlier versions allows context-dependent
 attackers to bypass SQL injection protection methods in applications via
 invalid encodings of multibyte characters, aka one variant of
 "Encoding-Based SQL Injection."
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_postgresql: not-affected
edgy_postgresql: not-affected
feisty_postgresql: DNE
devel_postgresql: DNE
dapper_postgresql-7.4: needed
edgy_postgresql-7.4: released (7.4.13-4)
feisty_postgresql-7.4: DNE
devel_postgresql-7.4: DNE
dapper_postgresql-8.1: released (8.1.9-0ubuntu0.6.06)
edgy_postgresql-8.1: released (8.1.9-0ubuntu0.6.10)
feisty_postgresql-8.1: released (8.1.8-1ubuntu3)
devel_postgresql-8.1: released (8.1.8-1ubuntu3)
dapper_postgresql-8.2: DNE
edgy_postgresql-8.2: DNE
feisty_postgresql-8.2: released (8.2.4-0ubuntu0.7.04)
devel_postgresql-8.2: released (8.2.5-1)
upstream_postgresql: needs-triage
upstream_postgresql-7.4: needs-triage
upstream_postgresql-8.1: needs-triage
upstream_postgresql-8.2: needs-triage