SuSE 11.3 Security Update : postgresql91 (SAT Patch Number 10389)

High Nessus Plugin ID 82470


The remote SuSE 11 host is missing one or more security updates.


The PostgreSQL database server was updated to 9.1.15, fixing bugs and security issues :

- Fix buffer overruns in to_char(). (CVE-2015-0241)

- Fix buffer overrun in replacement *printf() functions.

- Fix buffer overruns in contrib/pgcrypto. (CVE-2015-0243)

- Fix possible loss of frontend/backend protocol synchronization after an error. (CVE-2015-0244)

- Fix information leak via constraint-violation error messages (CVE-2014-8161). For a comprehensive list of fixes, please refer to the following release notes :

- .html

- .html

- .html


Apply SAT patch number 10389.

See Also

Plugin Details

Severity: High

ID: 82470

File Name: suse_11_postgresql91-201503-150302.nasl

Version: Revision: 1.4

Type: local

Agent: unix

Published: 2015/03/31

Updated: 2015/05/31

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:libecpg6, p-cpe:/a:novell:suse_linux:11:libpq5, p-cpe:/a:novell:suse_linux:11:libpq5-32bit, p-cpe:/a:novell:suse_linux:11:postgresql91, p-cpe:/a:novell:suse_linux:11:postgresql91-contrib, p-cpe:/a:novell:suse_linux:11:postgresql91-docs, p-cpe:/a:novell:suse_linux:11:postgresql91-server, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2015/03/02

Reference Information

CVE: CVE-2014-8161, CVE-2015-0241, CVE-2015-0242, CVE-2015-0243, CVE-2015-0244