DoS-Vulnerability in pgbouncer
Bug #1083414 reported by
Christian Kuersteiner
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pgbouncer (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Lucid |
Fix Released
|
Undecided
|
Unassigned | ||
Oneiric |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Undecided
|
Unassigned | ||
Quantal |
Fix Released
|
Undecided
|
Unassigned | ||
Raring |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
There is a DoS vulnerability in pgbouncer where large database names can lead to server shutdown.
There is a upstream patch fix available (http://
information type: | Private Security → Public Security |
Changed in pgbouncer (Ubuntu): | |
status: | New → Incomplete |
status: | Incomplete → New |
Changed in pgbouncer (Ubuntu Oneiric): | |
status: | Confirmed → Fix Committed |
Changed in pgbouncer (Ubuntu Precise): | |
status: | Confirmed → Fix Committed |
To post a comment you must log in.
The attachment "lp1083414- quantal. debdiff" of this bug report has been identified as being a patch in the form of a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-sponsors team please also unsubscribe the team from this bug report.
[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]