CVE-2015-3167

Priority
Description
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x
before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different
error responses when an incorrect key is used, which makes it easier for
attackers to obtain the key via a brute force attack.
Assigned-to
mdeslaur
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (9.1.16)
Ubuntu 12.04 ESM (Precise Pangolin):released (9.1.16-0ubuntu0.12.04)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [9.1.16-0ubuntu0.14.04])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (9.3.7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (9.3.7-0ubuntu0.14.04)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (9.4.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-12-05 18:41:02 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)