Wind River Support Network

HomeDefectsLIN6-9993

Fixed

LIN6-9993 : Security Advisory - postgresql - CVE-2015-0241

Created: Jun 14, 2015 Updated: Dec 3, 2018

Resolved Date: Jul 8, 2015

Previous ID: LIN4-32744

Found In Version: 6.0.0.20

Fix Version: 6.0.0.23

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The PostgreSQL project reports the following issue:

When to_char() processes a numeric formatting template calling for a large number of digits, PostgreSQL would read past the end of a buffer. When processing a crafted timestamp formatting template, PostgreSQL would write past the end of a buffer. Either case could crash the server. We have not ruled out the possibility of attacks that lead to privilege escalation, though they seem unlikely.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0241

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38