Launchpad.net

CVE 2012-2655

PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler.

Related bugs and status

CVE-2012-2655 (Candidate) is related to these bugs:

Bug #1008317: New bug fix releases: 8.3.19, 8.4.12, 9.1.4

		In	Importance	Status
1008317	New bug fix releases: 8.3.19, 8.4.12, 9.1.4	postgresql-9.1 (Ubuntu)	Undecided	Fix Released
1008317	New bug fix releases: 8.3.19, 8.4.12, 9.1.4	postgresql-8.4 (Ubuntu)	Undecided	Invalid
1008317	New bug fix releases: 8.3.19, 8.4.12, 9.1.4	postgresql-9.1 (Ubuntu Oneiric)	Undecided	Fix Released
1008317	New bug fix releases: 8.3.19, 8.4.12, 9.1.4	postgresql-8.4 (Ubuntu Lucid)	Undecided	Fix Released
1008317	New bug fix releases: 8.3.19, 8.4.12, 9.1.4	postgresql-9.1 (Ubuntu Quantal)	Undecided	Fix Released
1008317	New bug fix releases: 8.3.19, 8.4.12, 9.1.4	postgresql-8.4 (Ubuntu Natty)	Undecided	Fix Released
1008317	New bug fix releases: 8.3.19, 8.4.12, 9.1.4	postgresql-9.1 (Ubuntu Precise)	Undecided	Fix Released
1008317	New bug fix releases: 8.3.19, 8.4.12, 9.1.4	postgresql-8.3 (Ubuntu)	Undecided	Invalid
1008317	New bug fix releases: 8.3.19, 8.4.12, 9.1.4	postgresql-8.3 (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-2655

Related bugs and status

Related bugs

References