CVE-2014-0063

Publication date 21 February 2014

Last updated 24 July 2024

Ubuntu priority

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
postgresql-8.4	14.10 utopic	Not in release
	14.04 LTS trusty	Not in release
	13.10 saucy	Not in release
	12.10 quantal	Not in release
	12.04 LTS precise	Fixed 8.4.22-0ubuntu0.12.04
	10.04 LTS lucid	Fixed 8.4.20-0ubuntu010.04
postgresql-9.1	14.10 utopic	Not in release
	14.04 LTS trusty	Fixed 9.1.12-1
	13.10 saucy	Fixed 9.1.12-0ubuntu0.13.10
	12.10 quantal	Fixed 9.1.12-0ubuntu0.12.10
	12.04 LTS precise	Fixed 9.1.12-0ubuntu0.12.04
	10.04 LTS lucid	Not in release
postgresql-9.3	14.10 utopic	Not in release
	14.04 LTS trusty	Fixed 9.3.3-1
	13.10 saucy	Not in release
	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	10.04 LTS lucid	Not in release

References

Related Ubuntu Security Notices (USN)

USN-2120-1
PostgreSQL vulnerabilities
24 February 2014

CVE-2014-0063

Status

References

Related Ubuntu Security Notices (USN)

Other references