CVE-2007-4769

Publication date 9 January 2008

Last updated 24 July 2024

Ubuntu priority

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
postgresql-8.1	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	7.10 gutsy	Ignored
	7.04 feisty	Ignored
	6.10 edgy	Fixed 8.1.11-0ubuntu0.6.10.1
	6.06 LTS dapper	Fixed 8.1.11-0ubuntu0.6.06.1
postgresql-8.2	8.10 intrepid	Not in release
	8.04 LTS hardy	Fixed 8.2.6-1
	7.10 gutsy	Fixed 8.2.6-0ubuntu0.7.10.1
	7.04 feisty	Fixed 8.2.6-0ubuntu0.7.04.1
	6.10 edgy	Not in release
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-568-1
PostgreSQL vulnerabilities
14 January 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2007-4769