PublicDateAtUSN: 2012-06-05
Candidate: CVE-2012-2655
PublicDate: 2012-07-18 23:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2655
 https://ubuntu.com/security/notices/USN-1461-1
Description:
 PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8,
 and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial
 of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET
 attributes to a procedural language's call handler.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_postgresql-9.1:
upstream_postgresql-9.1: released (9.1.4)
hardy_postgresql-9.1: DNE
lucid_postgresql-9.1: DNE
natty_postgresql-9.1: DNE
oneiric_postgresql-9.1: released (9.1.4-0ubuntu11.10)
precise_postgresql-9.1: released (9.1.4-0ubuntu12.04)
quantal_postgresql-9.1: not-affected (9.1.4-1)
raring_postgresql-9.1: not-affected (9.1.4-1)
devel_postgresql-9.1: not-affected (9.1.4-1)

Patches_postgresql-8.4:
upstream_postgresql-8.4: released (8.4.12)
hardy_postgresql-8.4: DNE
lucid_postgresql-8.4: released (8.4.12-0ubuntu10.04)
natty_postgresql-8.4: released (8.4.12-0ubuntu11.04)
oneiric_postgresql-8.4: ignored (reached end-of-life)
precise_postgresql-8.4: released (8.4.17-0ubuntu12.04)
quantal_postgresql-8.4: DNE
raring_postgresql-8.4: DNE
devel_postgresql-8.4: DNE

Patches_postgresql-8.3:
upstream_postgresql-8.3: released (8.3.19)
hardy_postgresql-8.3: released (8.3.19-0ubuntu8.04)
lucid_postgresql-8.3: DNE
natty_postgresql-8.3: DNE
oneiric_postgresql-8.3: DNE
precise_postgresql-8.3: DNE
quantal_postgresql-8.3: DNE
raring_postgresql-8.3: DNE
devel_postgresql-8.3: DNE

Patches_postgresql-8.2:
upstream_postgresql-8.2: needs-triage
hardy_postgresql-8.2: ignored (reached end-of-life)
lucid_postgresql-8.2: DNE
natty_postgresql-8.2: DNE
oneiric_postgresql-8.2: DNE
precise_postgresql-8.2: DNE
quantal_postgresql-8.2: DNE
raring_postgresql-8.2: DNE
devel_postgresql-8.2: DNE