Your submission was sent successfully! Close

CVE-2014-0061

Published: 21 February 2014

The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.

Priority

Medium

Status

Package Release Status
postgresql-8.4
Launchpad, Ubuntu, Debian
lucid
Released (8.4.20-0ubuntu010.04)
precise
Released (8.4.22-0ubuntu0.12.04)
quantal Does not exist

saucy Does not exist

trusty Does not exist

upstream
Released (8.4.20)
utopic Does not exist

postgresql-9.1
Launchpad, Ubuntu, Debian
lucid Does not exist

precise
Released (9.1.12-0ubuntu0.12.04)
quantal
Released (9.1.12-0ubuntu0.12.10)
saucy
Released (9.1.12-0ubuntu0.13.10)
trusty Does not exist
(trusty was released [9.1.12-1])
upstream
Released (9.1.12)
utopic Does not exist

postgresql-9.3
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

trusty
Released (9.3.3-1)
upstream
Released (9.3.3)
utopic Does not exist