Ubuntu
postgis package

PostGIS DoS vulnerability in Trusty and Xenial

  1. Xenial (16.04)
  2. Bug #1815624
Bug #1815624 reported by Darafei Praliaskouski
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
postgis (Ubuntu)
Fix Released
Undecided
Unassigned
Trusty
Confirmed
Undecided
Unassigned
Xenial
Confirmed
Undecided
Unassigned

Bug Description

PostGIS < 2.3.3 is vulberable. In Ubuntu Trusty and Xenial Postgres can be DoSed via PostGIS. Please upgrade packages.

CVE References

Revision history for this message
Paulo Flabiano Smorigo (pfsmorigo) wrote :

Hello,

I built the package with the fix. Can you please test it and check if the issue was solved? Thanks

https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages?field.name_filter=postgis

summary: - CVE-2017-18359
+ PostGIS DoS vulnerability in Trusty and Xenial
Marc Deslauriers (mdeslaur)
information type: Private Security → Public Security
Changed in postgis (Ubuntu):
status: New → Fix Released
Changed in postgis (Ubuntu Trusty):
status: New → Confirmed
Changed in postgis (Ubuntu Xenial):
status: New → Confirmed
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.