Back to bug 1303832
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Andrej Nemec | 2016-02-02 07:43:10 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-02-02 07:43:10 UTC | Doc Type | --- | Bug Fix |
| Andrej Nemec | 2016-02-02 07:49:49 UTC | Blocks | 1303834 | |
| Pavel Raiskup | 2016-02-02 10:42:07 UTC | CC | pkajaba | |
| Tomas Hoger | 2016-02-10 19:28:32 UTC | Fixed In Version | postgresql 9.5.1, postgresql 9.4.6, postgresql 9.3.11, 9.2.15, postgresql 9.1.20 | |
| Whiteboard | impact=important,public=no,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-122,rhel-5/postgresql=affected,rhel-5/postgresql84=affected,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,fedora-all/postgresql=affected,rhn_satellite_5.7/postgresql92=affected | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-122,rhel-5/postgresql=affected,rhel-5/postgresql84=affected,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,fedora-all/postgresql=affected,rhn_satellite_5.7/postgresql92=affected | ||
| Andrej Nemec | 2016-02-11 13:55:09 UTC | Summary | EMBARGOED CVE-2016-0773 postgresql: buffer overrun in regular expression processing | CVE-2016-0773 postgresql: buffer overrun in regular expression processing |
| Andrej Nemec | 2016-02-11 13:55:18 UTC | Group | security, qe_staff | |
| Andrej Nemec | 2016-02-11 13:55:32 UTC | Depends On | 1306635 | |
| Andrej Nemec | 2016-02-11 13:58:00 UTC | Fixed In Version | postgresql 9.5.1, postgresql 9.4.6, postgresql 9.3.11, 9.2.15, postgresql 9.1.20 | postgresql 9.5.1, postgresql 9.4.6, postgresql 9.3.11, postgresql 9.2.15, postgresql 9.1.20 |
| Joe Rafaniello | 2016-02-11 15:37:58 UTC | CC | jrafanie | |
| Tomas Hoger | 2016-02-15 15:16:07 UTC | Summary | CVE-2016-0773 postgresql: buffer overrun in regular expression processing | CVE-2016-0773 postgresql: case insensitive range handling integer overflow leading to buffer overflow |
| Whiteboard | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-122,rhel-5/postgresql=affected,rhel-5/postgresql84=affected,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,fedora-all/postgresql=affected,rhn_satellite_5.7/postgresql92=affected | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-190->CWE-122,rhel-5/postgresql=wontfix,rhel-5/postgresql84=wontfix,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,rhn_satellite_5.7/postgresql92=affected,fedora-all/postgresql=affected | ||
| Tomas Hoger | 2016-02-15 15:16:55 UTC | Depends On | 1308597 | |
| Tomas Hoger | 2016-02-15 15:16:59 UTC | Depends On | 1308598 | |
| Tomas Hoger | 2016-02-15 15:17:05 UTC | Depends On | 1308599 | |
| Tomas Hoger | 2016-02-15 15:17:10 UTC | Depends On | 1308600 | |
| Tomas Hoger | 2016-02-15 15:17:16 UTC | Depends On | 1308601 | |
| Tomas Hoger | 2016-02-15 15:17:20 UTC | Depends On | 1308602 | |
| Tomas Hoger | 2016-02-15 15:19:21 UTC | Depends On | 1308604 | |
| Tomas Hoger | 2016-02-15 15:19:25 UTC | Depends On | 1308605 | |
| Tomas Hoger | 2016-02-15 15:50:21 UTC | Whiteboard | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-190->CWE-122,rhel-5/postgresql=wontfix,rhel-5/postgresql84=wontfix,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,rhn_satellite_5.7/postgresql92=affected,fedora-all/postgresql=affected | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-190->CWE-122,rhel-5/postgresql=wontfix,rhel-5/postgresql84=wontfix,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,rhscl-2/rh-postgresql95-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,rhn_satellite_5.7/postgresql92=affected,fedora-all/postgresql=affected |
| Tomas Hoger | 2016-02-15 15:50:32 UTC | CC | databases-maint | |
| Tomas Hoger | 2016-02-15 15:51:13 UTC | Depends On | 1308615 | |
| Tomas Hoger | 2016-02-15 17:22:31 UTC | Doc Text | An integer overflow flaw, leading to heap based buffer overflow, was found in the PostgreSQL regular expression handling code. A specially crafted regular expression could cause PostgreSQL to crash or, possibly, execute arbitrary code. | |
| Tomas Hoger | 2016-02-15 19:44:07 UTC | Whiteboard | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-190->CWE-122,rhel-5/postgresql=wontfix,rhel-5/postgresql84=wontfix,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,rhscl-2/rh-postgresql95-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,rhn_satellite_5.7/postgresql92=affected,fedora-all/postgresql=affected | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-190->CWE-122,rhel-5/postgresql=wontfix,rhel-5/postgresql84=wontfix,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,rhscl-2/rh-postgresql95-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,rhn_satellite_5.7/postgresql92=affected,fedora-all/postgresql=affected,rhel-5/tcl=notaffected,rhel-6/tcl=notaffected,rhel-7/tcl=notaffected,fedora-all/tcl=notaffected,rhel-6/pl=notaffected,fedora-all/pl=notaffected |
| Tomas Hoger | 2016-02-15 19:44:26 UTC | CC | bagnara, jskarvad, mefoster, ppisar, wart | |
| Summer Long | 2016-02-17 00:20:04 UTC | CC | slong | |
| Doc Text | An integer overflow flaw, leading to heap based buffer overflow, was found in the PostgreSQL regular expression handling code. A specially crafted regular expression could cause PostgreSQL to crash or, possibly, execute arbitrary code. | An integer-overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. | ||
| Martin Prpič | 2016-02-17 09:28:00 UTC | Doc Text | An integer-overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. | An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. |
| John Skeoch | 2016-04-18 09:35:43 UTC | CC | apatters | |
| Kurt Seifried | 2016-04-25 19:40:44 UTC | Whiteboard | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-190->CWE-122,rhel-5/postgresql=wontfix,rhel-5/postgresql84=wontfix,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,rhscl-2/rh-postgresql95-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,rhn_satellite_5.7/postgresql92=affected,fedora-all/postgresql=affected,rhel-5/tcl=notaffected,rhel-6/tcl=notaffected,rhel-7/tcl=notaffected,fedora-all/tcl=notaffected,rhel-6/pl=notaffected,fedora-all/pl=notaffected | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-190->CWE-122,rhel-5/postgresql=wontfix,rhel-5/postgresql84=wontfix,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,rhscl-2/rh-postgresql95-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,rhn_satellite_5.7/postgresql92=affected,fedora-all/postgresql=affected,rhel-5/tcl=notaffected,rhel-6/tcl=notaffected,rhel-7/tcl=notaffected,fedora-all/tcl=notaffected,rhel-6/pl=notaffected,fedora-all/pl=notaffected,rhn_satellite_5.7/postgresql=affected |
| Kurt Seifried | 2016-04-25 19:40:56 UTC | CC | meissner, thomas | |
| Kurt Seifried | 2016-04-25 19:42:08 UTC | Depends On | 1330296 | |
| Kurt Seifried | 2016-04-25 19:42:13 UTC | Depends On | 1330297 | |
| PnT Account Manager | 2018-01-30 15:44:24 UTC | CC | taw | |
| PnT Account Manager | 2018-06-10 21:34:14 UTC | CC | pkajaba | |
| PnT Account Manager | 2018-06-29 22:07:00 UTC | CC | kseifried | |
| PnT Account Manager | 2019-01-02 22:42:04 UTC | CC | dclarizi | |
| PnT Account Manager | 2019-04-22 21:30:38 UTC | CC | tjay | |
| Grant Gainey | 2019-05-14 13:38:51 UTC | CC | ggainey | |
| Product Security DevOps Team | 2019-06-08 02:48:05 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:48:05 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:43:28 UTC | Whiteboard | impact=important,public=20160211,reported=20160201,source=upstream,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-190->CWE-122,rhel-5/postgresql=wontfix,rhel-5/postgresql84=wontfix,rhel-6/postgresql=affected,rhel-7/postgresql=affected,rhscl-2/postgresql92-postgresql=affected,rhscl-2/rh-postgresql94-postgresql=affected,rhscl-2/rh-postgresql95-postgresql=affected,cfme-5/postgresql=affected,cfme-5/postgresql92-postgresql=affected,rhn_satellite_5.7/postgresql92=affected,fedora-all/postgresql=affected,rhel-5/tcl=notaffected,rhel-6/tcl=notaffected,rhel-7/tcl=notaffected,fedora-all/tcl=notaffected,rhel-6/pl=notaffected,fedora-all/pl=notaffected,rhn_satellite_5.7/postgresql=affected |
Back to bug 1303832