CVE-2012-4575
Published: 18 November 2012
The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service (daemon outage) via a long database name in a request.
Priority
Status
Package | Release | Status |
---|---|---|
pgbouncer Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Released
(1.3.1-3ubuntu0.1)
|
|
oneiric |
Released
(1.4.2-1ubuntu0.1)
|
|
precise |
Released
(1.4.2-2ubuntu0.1)
|
|
quantal |
Released
(1.5.2-2ubuntu0.1)
|
|
upstream |
Released
(1.5.2-4)
|
|
Patches: upstream: http://git.postgresql.org/gitweb/?p=pgbouncer.git;a=commitdiff;h=4b92112b820830b30cd7bc91bef3dd8f35305525 |