Operating System:

[Debian]

Published:

15 February 2016

Protect yourself against future threats.

//Service

AusCERT Education

Enhance your knowledge with our exceptional one day training offerings for individuals and organisations

Read more
Resources > Security Bulletins > ESB-2016.0357 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0357
                        postgresql security updates
                             15 February 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           postgresql
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   Debian GNU/Linux 8
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Increased Privileges            -- Existing Account      
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-0773 CVE-2016-0766 CVE-2015-5288

Reference:         ASB-2015.0098

Original Bulletin: 
   http://www.debian.org/security/2016/dsa-3475
   http://www.debian.org/security/2016/dsa-3476

Comment: This bulletin contains two (2) Debian security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3475-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
February 13, 2016                     https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : postgresql-9.1
CVE ID         : CVE-2015-5288 CVE-2016-0766 CVE-2016-0773

Several vulnerabilities have been found in PostgreSQL-9.1, a SQL
database system.

CVE-2015-5288

    Josh Kupershmidt discovered a vulnerability in the crypt() function
    in the pgCrypto extension. Certain invalid salt arguments can cause
    the server to crash or to disclose a few bytes of server memory.

CVE-2016-0766

    A privilege escalation vulnerability for users of PL/Java was
    discovered. Certain custom configuration settings (GUCs) for PL/Java
    will now be modifiable only by the database superuser to mitigate
    this issue.

CVE-2016-0773

    Tom Lane and Greg Stark discovered a flaw in the way PostgreSQL
    processes specially crafted regular expressions. Very large
    character ranges in bracket expressions could cause infinite
    loops or memory overwrites. A remote attacker can exploit this
    flaw to cause a denial of service or, potentially, to execute
    arbitrary code.

For the oldstable distribution (wheezy), these problems have been fixed
in version 9.1.20-0+deb7u1.

We recommend that you upgrade your postgresql-9.1 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWv0ixAAoJEAVMuPMTQ89EuNgP/0azsiP94ZAneKHOfDFrIXvI
DpBxUaAR5NswTCqdaYMhpqZl8NfcpZNfHH9oMCZrTN10kaDJXCyQ/i+pKTIE0xt6
CgLzhf+lsFCxZKFl3+exZ8UN1OHfvl5521Hm6N3QbETWSTcnoPWnR5x7Q0/ESmR0
9OGuW2Z+hmQ0Xu67AgYJQ6OcPAWtipDBbytaRzWXtcmett74W+6kIexG1vvJcuoG
isWLkHpxtkamqroD+RiMi+4GFMx3mID0fhn3T+F61vk6EnoLcgMnRMhXKADRCbvH
JD62DhSuhUl9OzUfYyQ/L/tweTetHZtgfW9cQ8tqAlob2tkJ3bWgfvIOsKg7NgTs
jkUv5vHNhySgD/WHvg8nk77Z7zIJhO+7dOJGXYuN83cpAr3/LfP8VlimXaIyO493
fqtGFN0Drpl1ZeRh1DM4VpYhlKMgpey7bsE4SNnBfhQEaXBcoHJ9WIZWsVQccEdb
VWfkVP6KFL2GgFx2QSOJ9kamdTEv9gX8P3AgEXrL5Cnj9K3gxuKVA6NXWykMbzOz
LWFpunONFVJIBjITTpdE4ubwfYQSYJ7YvJr20Rv69ybVb25YXLR+joBc417FxP7R
PdUVgbzmaiAF7+pWVSZvG8rIhI5R6O3FQtEc+24yr8h/IafkGFOweRuOr2EF6Im4
f9Js/VJ5xe7olIPVSKxZ
=IcKj
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3476-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
February 13, 2016                     https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : postgresql-9.4
CVE ID         : CVE-2016-0766 CVE-2016-0773

Several vulnerabilities have been found in PostgreSQL-9.4, a SQL
database system.

CVE-2016-0766

    A privilege escalation vulnerability for users of PL/Java was
    discovered. Certain custom configuration settings (GUCs) for PL/Java
    will now be modifiable only by the database superuser to mitigate
    this issue.

CVE-2016-0773

    Tom Lane and Greg Stark discovered a flaw in the way PostgreSQL
    processes specially crafted regular expressions. Very large
    character ranges in bracket expressions could cause infinite
    loops or memory overwrites. A remote attacker can exploit this
    flaw to cause a denial of service or, potentially, to execute
    arbitrary code.

For the stable distribution (jessie), these problems have been fixed in
version 9.4.6-0+deb8u1.

We recommend that you upgrade your postgresql-9.4 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWv0jBAAoJEAVMuPMTQ89EzvwP/jkX+nozpq+265YjViOL6aMa
G5Ldnt78HV7ls2ntbelyVg6lSgNysvjdbyWgT/OCB0F11FTsj4OR0udqLnZzFA7k
JEZnQu3AgIObXJYbjZDwlKS9JSELmz8spjGrPAlGwSdzcr9aXlOhLvagHcwJeZxU
mONY+oxahNxRUOSfonsM3l+YSK1XAoJLTFhl91Au0Sn+L9+kYB3ykOCiSW/H9dEb
Po5dkyyEyNXqTx2XHquKidtst1zx3L/aiichCPcK3QIffs56em3asaPfooPP6nH0
4ybVwLzqOL7DBgpwxspSblhg0ITt2wngcwm1zTMl+mRv++bJkfu4iEMrHF/MMLn3
yqHBLMiu7WmiZVf7Hg3TTX2RnuAbT5cdJC/p2xV4/fuJ+zwvIrPW8AvwjI2FGRU+
sakQzNCe4Hbtx0zAB4DgHIefSbQddUmi47UU1JD8o0SQkNCwgMywMuqmFHi4x0ZO
DIEC3QE4azJNZ6I2hqzhPWChcODTWvpuYBLkH7BH8DuIDHLcwmO1nPKPB0t8ZBI1
Fm5BxEwH86XfOYp7vC5ZHK1i3kbYH4jmTRQYfcR8wwLvaTc7/ZQ86/dNEqDTpF8c
cxgiBEZLr6GYfOocR/YBR6qE2dHsS6iL1UpeDI+BashbUdd7HZHExvojk8x8B3Hy
D52qz20+Vw4WO4j8WRX/
=Svoo
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVsEqrX6ZAP0PgtI9AQIzOhAAjqaOBpXomYR9YODFB0g3cOVc4EA09QDY
qwMaYexLwXPwEKfTZk5BuKuLsgeQGAflhyDLYHQtXpBR+JbjHK/gLd1ca5Ocu4mN
jy05CPQgUEHpGguXMxT/S4UXE9/zndfPhqliePEvlTfO2MpBrOzMj/HXT9q0dab9
T01q50p6gr8I0wb+Jn1yw0qnEHRa8zzmhXIPrrbMvldV/2tONQqnuEqE2P+VWT5k
DSuiKKgSgdY+aazpuWHsj2N/os6X/m99MdOUFCtH/tK11z2zfwvsGY/8bgWZmca8
aNDRUY9lwwVQkThkIsSA7umL1nEe30Fk2P7PsSayo7M9yEfSPs/dcWtRHuNDIRoS
we1eDGWA8EZ5e3THdZiRMbt2RXJOiiuo+TnkkWcLfm/yEXt1EKBYJeYWE83SJ5W/
9Z8/U2Rmq/4ml7a+nJaJkf2hRGCwII7Lg8bkqqEhfqMOddVi4A/naAxK9pyc+6Zk
/01iGhCHJVr/Y8NwllEwfnjR6RUfwm153KLkHr8Wm4Kyu7Syw1xtPCsSuz78yZtk
k/FRYnuQOtErVPGJ5uu7SUBXmfXXjDxWxHcjMokeZBi9zB8BHnWN6DoZfPpTiS3z
EVBDwK8DbtEdHnBhqJ/zWtiZ0J52pm0lJq5vU7fek79fz0+6C7QropLNZ0u7c3SF
lLw7jn7xdYc=
=ngub
-----END PGP SIGNATURE-----