CVE-2006-5540

Publication date 26 October 2006

Last updated 24 July 2024

Ubuntu priority

backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization."

Status

Show unmaintained releases

Package	Ubuntu Release	Status
postgresql-7.4	7.04 feisty	Not in release
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected
postgresql-8.0	7.04 feisty	Not in release
	6.10 edgy	Not in release
	6.06 LTS dapper	Not affected
postgresql-8.1	7.04 feisty	Fixed 8.1.8-1ubuntu3
	6.10 edgy	Fixed 8.1.9-0ubuntu0.6.10
	6.06 LTS dapper	Fixed 8.1.9-0ubuntu0.6.06

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-369-2
postgresql-8.1 vulnerabilities
1 November 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-5540