It was found that the buffers used to hold datetime output were too small. Long output could lead to a stack-based buffer overflow, possibly allowing an authenticated database user to crash the PostgreSQL server or execute arbitrary code. Acknowledgements: Red Hat would like to thank the PostgreSQL project for reporting this issue. Upstream acknowledges Noah Misch as the original reporter.
This is now public: https://github.com/postgres/postgres/commit/4318daecc959886d001a6e79c6ea853e8b1dfb4b
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Via RHSA-2014:0211 https://rhn.redhat.com/errata/RHSA-2014-0211.html
This issue has been addressed in following products: Red Hat Software Collections for RHEL-6 Via RHSA-2014:0221 https://rhn.redhat.com/errata/RHSA-2014-0221.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0249 https://rhn.redhat.com/errata/RHSA-2014-0249.html
This issue has been addressed in following products: CloudForms Management Engine 5.x Via RHSA-2014:0469 https://rhn.redhat.com/errata/RHSA-2014-0469.html