Oracle Linux 6 : postgresql (ELSA-2015-2081)
Medium Nessus Plugin ID 86926
SynopsisThe remote Oracle Linux host is missing one or more security updates.
DescriptionFrom Red Hat Security Advisory 2015:2081 :
Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
PostgreSQL is an advanced object-relational database management system (DBMS).
A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory.
All PostgreSQL users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.
SolutionUpdate the affected postgresql packages.