FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-20 09:44:03 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
ca16fd0b-5fd1-11e6-a6f2-6cc21735f730	PostgreSQL -- Denial-of-Service and Code Injection Vulnerabilities PostgreSQL project reports: Security Fixes nested CASE expressions + database and role names with embedded special characters CVE-2016-5423: certain nested CASE expressions can cause the server to crash. CVE-2016-5424: database and role names with embedded special characters can allow code injection during administrative operations like pg_dumpall. Discovery 2016-08-11 Entry 2016-08-11 postgresql91-server >= 9.1.0 lt 9.1.23 postgresql92-server >= 9.2.0 lt 9.2.18 postgresql93-server >= 9.3.0 lt 9.3.11 postgresql94-server >= 9.4.0 lt 9.4.9 postgresql95-server >= 9.5.0 lt 9.5.4 CVE-2016-5423 CVE-2016-5424
e8b6605b-d29f-11e5-8458-6cc21735f730	PostgreSQL -- Security Fixes for Regular Expressions, PL/Java. PostgreSQL project reports: Security Fixes for Regular Expressions, PL/Java CVE-2016-0773: This release closes security hole CVE-2016-0773, an issue with regular expression (regex) parsing. Prior code allowed users to pass in expressions which included out-of-range Unicode characters, triggering a backend crash. This issue is critical for PostgreSQL systems with untrusted users or which generate regexes based on user input. CVE-2016-0766: The update also fixes CVE-2016-0766, a privilege escalation issue for users of PL/Java. Certain custom configuration settings (GUCS) for PL/Java will now be modifiable only by the database superuser Discovery 2016-02-08 Entry 2016-02-12 postgresql91-server >= 9.1.0 lt 9.1.20 postgresql92-server >= 9.2.0 lt 9.2.15 postgresql93-server >= 9.3.0 lt 9.3.11 postgresql94-server >= 9.4.0 lt 9.4.6 postgresql95-server >= 9.5.0 lt 9.5.1 CVE-2016-0773 CVE-2016-0766

VuXML ID

Description

ca16fd0b-5fd1-11e6-a6f2-6cc21735f730

PostgreSQL -- Denial-of-Service and Code Injection Vulnerabilities

PostgreSQL project reports:

Security Fixes nested CASE expressions + database and role names with embedded special characters

CVE-2016-5423: certain nested CASE expressions can cause the server to crash.

CVE-2016-5424: database and role names with embedded special characters can allow code injection during administrative operations like pg_dumpall.

Discovery 2016-08-11
Entry 2016-08-11
postgresql91-server

>= 9.1.0 lt 9.1.23

postgresql92-server

>= 9.2.0 lt 9.2.18

postgresql93-server

>= 9.3.0 lt 9.3.11

postgresql94-server

>= 9.4.0 lt 9.4.9

postgresql95-server

>= 9.5.0 lt 9.5.4

CVE-2016-5423
CVE-2016-5424

e8b6605b-d29f-11e5-8458-6cc21735f730

PostgreSQL -- Security Fixes for Regular Expressions, PL/Java.

PostgreSQL project reports:

Security Fixes for Regular Expressions, PL/Java

CVE-2016-0773: This release closes security hole CVE-2016-0773, an issue with regular expression (regex) parsing. Prior code allowed users to pass in expressions which included out-of-range Unicode characters, triggering a backend crash. This issue is critical for PostgreSQL systems with untrusted users or which generate regexes based on user input.

CVE-2016-0766: The update also fixes CVE-2016-0766, a privilege escalation issue for users of PL/Java. Certain custom configuration settings (GUCS) for PL/Java will now be modifiable only by the database superuser

Discovery 2016-02-08
Entry 2016-02-12
postgresql91-server

>= 9.1.0 lt 9.1.20

postgresql92-server

>= 9.2.0 lt 9.2.15

postgresql93-server

>= 9.3.0 lt 9.3.11

postgresql94-server

>= 9.4.0 lt 9.4.6

postgresql95-server

>= 9.5.0 lt 9.5.1

CVE-2016-0773
CVE-2016-0766