CVE-2013-1902

Published: 04 April 2013

PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecified impact and attack vectors related to "graphical installers for Linux and Mac OS X."

Priority

Medium

Status

Package Release Status
postgresql-8.2
Launchpad, Ubuntu, Debian
Upstream Needs triage

postgresql-8.3
Launchpad, Ubuntu, Debian
Upstream Needs triage

postgresql-8.4
Launchpad, Ubuntu, Debian
Upstream
Released (8.4.17)
postgresql-9.1
Launchpad, Ubuntu, Debian
Upstream
Released (9.1.9)