CVE-2010-0733
Published: 19 March 2010
Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations.
Priority
Status
Package | Release | Status |
---|---|---|
postgresql-7.4 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|
|
postgresql-8.0 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Needs triage
|
|
postgresql-8.1 Launchpad, Ubuntu, Debian |
dapper |
Released
(8.1.19-0ubuntu0.6.06)
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Released
(8.1.19)
|
|
postgresql-8.2 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Released
(8.2.15)
|
|
postgresql-8.3 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Released
(8.3.9-0ubuntu8.04)
|
|
intrepid |
Released
(8.3.9-0ubuntu8.10)
|
|
jaunty |
Released
(8.3.9-0ubuntu9.04)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Released
(8.3.9)
|
|
postgresql-8.4 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Released
(8.4.2-0ubuntu9.10)
|
|
lucid |
Released
(8.4.3-1)
|
|
maverick |
Released
(8.4.3-1)
|
|
natty |
Released
(8.4.3-1)
|
|
oneiric |
Released
(8.4.3-1)
|
|
upstream |
Released
(8.4.2)
|
|
Patches: upstream: http://git.postgresql.org/gitweb?p=postgresql.git;a=commitdiff;h=64b057e6823655fb6c5d1f24a28f236b94dd6c54 |