CVE-2015-3166

Priority
Description
The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before
9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2
does not properly handle system-call errors, which allows attackers to
obtain sensitive information or have other unspecified impact via unknown
vectors, as demonstrated by an out-of-memory error.
Assigned-to
mdeslaur
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (9.1.16)
Ubuntu 12.04 ESM (Precise Pangolin):released (9.1.16-0ubuntu0.12.04)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [9.1.16-0ubuntu0.14.04])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (9.3.7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (9.3.7-0ubuntu0.14.04)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (9.4.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-12-05 18:41:02 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)