Synopsis:          Moderate: postgresql security update
Advisory ID:       SLSA-2015:2081-1
Issue Date:        2015-11-18
CVE Numbers:       CVE-2015-5288
--

A memory leak error was discovered in the crypt() function of the pgCrypto
extension. An authenticated attacker could possibly use this flaw to
disclose a limited amount of the server memory. (CVE-2015-5288)

If the postgresql service is running, it will be automatically restarted
after installing this update.
--

SL6
  x86_64
    postgresql-debuginfo-8.4.20-4.el6_7.i686.rpm
    postgresql-debuginfo-8.4.20-4.el6_7.x86_64.rpm
    postgresql-libs-8.4.20-4.el6_7.i686.rpm
    postgresql-libs-8.4.20-4.el6_7.x86_64.rpm
    postgresql-8.4.20-4.el6_7.i686.rpm
    postgresql-8.4.20-4.el6_7.x86_64.rpm
    postgresql-contrib-8.4.20-4.el6_7.x86_64.rpm
    postgresql-devel-8.4.20-4.el6_7.i686.rpm
    postgresql-devel-8.4.20-4.el6_7.x86_64.rpm
    postgresql-docs-8.4.20-4.el6_7.x86_64.rpm
    postgresql-plperl-8.4.20-4.el6_7.x86_64.rpm
    postgresql-plpython-8.4.20-4.el6_7.x86_64.rpm
    postgresql-pltcl-8.4.20-4.el6_7.x86_64.rpm
    postgresql-server-8.4.20-4.el6_7.x86_64.rpm
    postgresql-test-8.4.20-4.el6_7.x86_64.rpm
  i386
    postgresql-debuginfo-8.4.20-4.el6_7.i686.rpm
    postgresql-libs-8.4.20-4.el6_7.i686.rpm
    postgresql-8.4.20-4.el6_7.i686.rpm
    postgresql-contrib-8.4.20-4.el6_7.i686.rpm
    postgresql-devel-8.4.20-4.el6_7.i686.rpm
    postgresql-docs-8.4.20-4.el6_7.i686.rpm
    postgresql-plperl-8.4.20-4.el6_7.i686.rpm
    postgresql-plpython-8.4.20-4.el6_7.i686.rpm
    postgresql-pltcl-8.4.20-4.el6_7.i686.rpm
    postgresql-server-8.4.20-4.el6_7.i686.rpm
    postgresql-test-8.4.20-4.el6_7.i686.rpm

- Scientific Linux Development Team