CVE-2015-5288 (retired)

Priority
Description
The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x
before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before
9.4.5 allows attackers to cause a denial of service (server crash) or read
arbitrary server memory via a "too-short" salt.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (9.1.19)
Ubuntu 12.04 ESM (Precise Pangolin):released (9.1.19-0ubuntu0.12.04)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (9.3.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:released (9.4.5-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-10-09 07:53:19 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)