FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
07234e78-e899-11e1-b38d-0023ae8e59f0databases/postgresql*-server -- multiple vulnerabilities

The PostgreSQL Global Development Group reports:

The PostgreSQL Global Development Group today released security updates for all active branches of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. This update patches security holes associated with libxml2 and libxslt, similar to those affecting other open source projects. All users are urged to update their installations at the first available opportunity

Users who are relying on the built-in XML functionality to validate external DTDs will need to implement a workaround, as this security patch disables that functionality. Users who are using xslt_process() to fetch documents or stylesheets from external URLs will no longer be able to do so. The PostgreSQL project regrets the need to disable both of these features in order to maintain our security standards. These security issues with XML are substantially similar to issues patched recently by the Webkit (CVE-2011-1774), XMLsec (CVE-2011-1425) and PHP5 (CVE-2012-0057) projects.


Discovery 2012-08-17
Entry 2012-08-17
postgresql-server
gt 8.3.* lt 8.3.20

gt 8.4.* lt 8.4.13

gt 9.0.* lt 9.0.9

gt 9.1.* lt 9.1.5

CVE-2012-3488
CVE-2012-3489
http://www.postgresql.org/about/news/1407/
0b2b4b4d-a07c-11da-be0a-000c6ec775d9postgresql81-server -- SET ROLE privilege escalation

The PostgreSQL team reports:

Due to inadequate validity checking, a user could exploit the special case that SET ROLE normally uses to restore the previous role setting after an error. This allowed ordinary users to acquire superuser status, for example.


Discovery 2006-02-14
Entry 2006-02-18
Modified 2006-08-13
postgresql-server
ge 8.1.0 lt 8.1.3

CVE-2006-0553
http://www.postgresql.org/docs/8.1/static/release.html#RELEASE-8-1-3
17f53c1d-2ae9-11db-a6e2-000e0c2e438apostgresql -- encoding based SQL injection

The PostgreSQL development team reports:

An attacker able to submit crafted strings to an application that will embed those strings in SQL commands can use invalidly-encoded multibyte characters to bypass standard string-escaping methods, resulting in possible injection of hostile SQL commands into the database. The attacks covered here work in any multibyte encoding.

The widely-used practice of escaping ASCII single quote "'" by turning it into "\'" is unsafe when operating in multibyte encodings that allow 0x5c (ASCII code for backslash) as the trailing byte of a multibyte character; this includes at least SJIS, BIG5, GBK, GB18030, and UHC. An application that uses this conversion while embedding untrusted strings in SQL commands is vulnerable to SQL-injection attacks if it communicates with the server in one of these encodings. While the standard client libraries used with PostgreSQL have escaped "'" in the safe, SQL-standard way of "''" for some time, the older practice remains common.


Discovery 2006-05-11
Entry 2006-08-13
postgresql
postgresql-server
ja-postgresql
ge 7.3 lt 7.3.15

ge 7.4 lt 7.4.13

ge 8.0.0 lt 8.0.8

ge 8.1.0 lt 8.1.4

18092
CVE-2006-2313
CVE-2006-2314
http://www.postgresql.org/docs/techdocs.50
3f332f16-9b6b-11e2-8fe9-08002798f6ffPostgreSQL -- anonymous remote access data corruption vulnerability

PostgreSQL project reports:

The PostgreSQL Global Development Group has released a security update to all current versions of the PostgreSQL database system, including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update fixes a high-exposure security vulnerability in versions 9.0 and later. All users of the affected versions are strongly urged to apply the update *immediately*.

A major security issue (for versions 9.x only) fixed in this release, [CVE-2013-1899](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899), makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request. This issue was discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source Software Center.

Two lesser security fixes are also included in this release: [CVE-2013-1900](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900), wherein random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess (all versions), and [CVE-2013-1901](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901), which mistakenly allows an unprivileged user to run commands that could interfere with in-progress backups (for versions 9.x only).


Discovery 2013-04-04
Entry 2013-04-04
postgresql-server
ge 8.3.0 lt 8.3.21_1

ge 8.4.0 lt 8.4.17

ge 9.0.0 lt 9.0.13

ge 9.1.0 lt 9.1.9

ge 9.2.0 lt 9.2.4

CVE-2013-1899
CVE-2013-1900
CVE-2013-1901
42d42090-9a4d-11e3-b029-08002798f6ffPostgreSQL -- multiple privilege issues

PostgreSQL Project reports:

This update fixes CVE-2014-0060, in which PostgreSQL did not properly enforce the WITH ADMIN OPTION permission for ROLE management. Before this fix, any member of a ROLE was able to grant others access to the same ROLE regardless if the member was given the WITH ADMIN OPTION permission. It also fixes multiple privilege escalation issues, including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, and CVE-2014-0066. More information on these issues can be found on our security page and the security issue detail wiki page.

With this release, we are also alerting users to a known security hole that allows other users on the same machine to gain access to an operating system account while it is doing "make check": CVE-2014-0067. "Make check" is normally part of building PostgreSQL from source code. As it is not possible to fix this issue without causing significant issues to our testing infrastructure, a patch will be released separately and publicly. Until then, users are strongly advised not to run "make check" on machines where untrusted users have accounts.


Discovery 2014-02-20
Entry 2014-02-20
postgresql-server
< 8.4.20

ge 9.0.0 lt 9.0.16

ge 9.1.0 lt 9.1.12

ge 9.2.0 lt 9.2.7

ge 9.3.0 lt 9.3.3

CVE-2014-0060
CVE-2014-0061
CVE-2014-0062
CVE-2014-0063
CVE-2014-0064
CVE-2014-0065
CVE-2014-0066
CVE-2014-0067
51436b4c-1250-11dd-bab7-0016179b2dd5postgresql -- multiple vulnerabilities

The PostgreSQL developers report:

PostgreSQL allows users to create indexes on the results of user-defined functions, known as "expression indexes". This provided two vulnerabilities to privilege escalation: (1) index functions were executed as the superuser and not the table owner during VACUUM and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION were permitted within index functions. Both of these holes have now been closed.

PostgreSQL allowed malicious users to initiate a denial-of-service by passing certain regular expressions in SQL queries. First, users could create infinite loops using some specific regular expressions. Second, certain complex regular expressions could consume excessive amounts of memory. Third, out-of-range backref numbers could be used to crash the backend.

DBLink functions combined with local trust or ident authentication could be used by a malicious user to gain superuser privileges. This issue has been fixed, and does not affect users who have not installed DBLink (an optional module), or who are using password authentication for local access. This same problem was addressed in the previous release cycle, but that patch failed to close all forms of the loophole.


Discovery 2008-01-06
Entry 2008-04-24
postgresql
postgresql-server
ge 7.3 lt 7.3.21

ge 7.4 lt 7.4.19

ge 8.0 lt 8.0.15

ge 8.1 lt 8.1.11

ge 8.2 lt 8.2.6

CVE-2007-6600
CVE-2007-4772
CVE-2007-6067
CVE-2007-4769
CVE-2007-6601
27163
http://www.postgresql.org/about/news.905
5d425189-7a03-11d9-a9e7-0001020eed82postgresql -- privilege escalation vulnerability

John Heasman and others disovered that non-privileged users could use the LOAD extension to load arbitrary libraries into the postgres server process space. This could be used by non-privileged local users to execute arbitrary code with the privileges of the postgresql server.


Discovery 2005-01-21
Entry 2005-02-08
postgresql
postgresql-server
ja-postgresql
< 7.3.9

gt 7.4.* lt 7.4.7

gt 8.* lt 8.0.1

postgresql-devel
le 8.0.1,1

12411
CVE-2005-0227
http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php
http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php
65c8ecf9-2adb-11db-a6e2-000e0c2e438apostgresql -- multiple vulnerabilities

Multiple vulnerabilities had been reported in various versions of PostgreSQL:

  • The EXECUTE restrictions can be bypassed by using the AGGREGATE function, which is missing a permissions check.
  • A buffer overflow exists in gram.y which could allow an attacker to execute arbitrary code by sending a large number of arguments to a refcursor function, found in gram.y
  • The intagg contributed module allows an attacker to crash the server (Denial of Service) by constructing a malicious crafted array.

Discovery 2005-02-01
Entry 2006-08-13
postgresql
postgresql-server
ja-postgresql
ge 7.2 lt 7.2.7

ge 7.3 lt 7.3.9

ge 7.4 lt 7.4.7

ge 8.0.0 lt 8.0.1

CVE-2005-0244
CVE-2005-0245
CVE-2005-0246
http://secunia.com/advisories/12948
6b4b0b3f-8127-11d9-a9e7-0001020eed82postgresql -- multiple buffer overflows in PL/PgSQL parser

The PL/PgSQL parser in postgresql is vulnerable to several buffer overflows. These could be exploited by a remote attacker to execute arbitrary code with the permissions of the postgresql server by running a specially crafted query.


Discovery 2005-02-07
Entry 2005-02-17
Modified 2005-02-19
postgresql
postgresql-server
ja-postgresql
< 7.3.9_1

gt 7.4.* lt 7.4.7_1

gt 8.* lt 8.0.1_1

CVE-2005-0247
http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.php
a8864f8f-aa9e-11e1-a284-0023ae8e59f0databases/postgresql*-server -- crypt vulnerabilities

The PostgreSQL Global Development Group reports:

Today the PHP, OpenBSD and FreeBSD communities announced updates to patch a security hole involving their crypt() hashing algorithms. This issue is described in CVE-2012-2143. This vulnerability also affects a minority of PostgreSQL users, and will be fixed in an update release on June 4, 2012.

Affected users are those who use the crypt(text, text) function with DES encryption in the optional pg_crypto module. Passwords affected are those that contain characters that cannot be represented with 7-bit ASCII. If a password contains a character that has the most significant bit set (0x80), and DES encryption is used, that character and all characters after it will be ignored.


Discovery 2012-05-30
Entry 2012-05-30
Modified 2012-05-31
postgresql-server
gt 8.3.* lt 8.3.18_1

gt 8.4.* lt 8.4.11_1

gt 9.0.* lt 9.0.7_2

gt 9.1.* lt 9.1.3_1

gt 9.2.* lt 9.2.b1_1

CVE-2012-2143
http://www.postgresql.org/about/news/1397/
http://git.postgresql.org/gitweb/?p=postgresql.git;a=patch;h=932ded2ed51e8333852e370c7a6dad75d9f236f9
e050119b-3856-11df-b2b2-002170daae37postgresql -- bitsubstr overflow

BugTraq reports:

PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code with elevated privileges or crash the affected application.


Discovery 2010-01-27
Entry 2010-03-25
postgresql-server
ge 7.4 lt 7.4.28

ge 8.0 lt 8.0.24

ge 8.1 lt 8.1.20

ge 8.2 lt 8.2.16

ge 8.3 lt 8.3.10

ge 8.4 lt 8.4.3

37973
CVE-2010-0442
e7bc5600-eaa0-11de-bd9c-00215c6a37bbpostgresql -- multiple vulnerabilities

PostgreSQL project reports:

PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based PostgreSQL servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended client-hostname restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, which allows remote authenticated users to gain privileges via a table with crafted index functions, as demonstrated by functions that modify (1) search_path or (2) a prepared statement, a related issue to CVE-2007-6600 and CVE-2009-3230.


Discovery 2009-11-20
Entry 2009-12-17
postgresql-client
postgresql-server
ge 7.4 lt 7.4.27

ge 8.0 lt 8.0.23

ge 8.1 lt 8.1.19

ge 8.2 lt 8.2.15

ge 8.3 lt 8.3.9

ge 8.4 lt 8.4.2

CVE-2009-4034
CVE-2009-4136