PostgreSQL -- minor security problems.
PostgreSQL project reports:
Two security issues have been fixed in this release which affect
users of specific PostgreSQL features.
- CVE-2015-5289 json or jsonb input values constructed from
arbitrary user input can crash the PostgreSQL server and cause a denial of
- CVE-2015-5288: The crypt() function included with the optional pgCrypto
extension could be exploited to read a few additional bytes of memory.
No working exploit for this issue has been developed.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright