FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PostgreSQL -- minor security problems.

Affected packages
9.0.0	<=	postgresql90-server	<	9.0.20
9.1.0	<=	postgresql91-server	<	9.1.16
9.2.0	<=	postgresql92-server	<	9.2.11
9.3.0	<=	postgresql93-server	<	9.3.7
9.4.0	<=	postgresql94-server	<	9.4.2

Details

VuXML ID	fc38cd83-00b3-11e5-8ebd-0026551a22dc
Discovery	2015-04-10
Entry	2015-05-22

PostgreSQL project reports:

This update fixes three security vulnerabilities reported in PostgreSQL over the past few months. Nether of these issues is seen as particularly urgent. However, users should examine them in case their installations are vulnerable:.

CVE-2015-3165 Double "free" after authentication timeout.

CVE-2015-3166 Unanticipated errors from the standard library.

CVE-2015-3167 pgcrypto has multiple error messages for decryption with an incorrect key.

[source]

References

CVE Name	CVE-2015-3165
CVE Name	CVE-2015-3166
CVE Name	CVE-2015-3167