Launchpad.net

CVE 2014-8161

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.

Related bugs and status

CVE-2014-8161 (Candidate) is related to these bugs:

Bug #1418928: New upstream microreleases 9.1.15, 9.3.6, 9.4.1

		In	Importance	Status
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-9.1 (Ubuntu)	Undecided	Invalid
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-9.3 (Ubuntu)	Undecided	Invalid
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-9.4 (Ubuntu)	Undecided	Fix Released
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-9.4 (Ubuntu Utopic)	Undecided	Fix Released
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-9.1 (Ubuntu Precise)	Undecided	Fix Released
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-9.4 (Ubuntu Vivid)	Undecided	Fix Released
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-9.1 (Ubuntu Trusty)	Undecided	Fix Released
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-9.3 (Ubuntu Trusty)	Undecided	Fix Released
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-8.4 (Ubuntu)	Undecided	Invalid
1418928	New upstream microreleases 9.1.15, 9.3.6, 9.4.1	postgresql-8.4 (Ubuntu Lucid)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-8161

Related bugs and status

Related bugs

References