CVE-2014-0062

Priority
Description
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE
commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before
9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote
authenticated users to create an unauthorized index or read portions of
unauthorized tables by creating or deleting a table with the same name
during the timing window.
Notes
Package
Upstream:released (8.4.20)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Package
Upstream:released (9.1.12)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [9.1.12-1])
Package
Upstream:released (9.3.3)
Ubuntu 14.04 ESM (Trusty Tahr):released (9.3.3-1)
More Information

Updated: 2019-12-05 21:06:52 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)