Several security issues were fixed in PostgreSQL.
Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled authentication timeouts. A remote attacker could use this flaw to cause the unauthenticated session to crash, possibly leading to a security issue. (CVE-2015-3165)
25 May 2015
A security issue affects these releases of Ubuntu and its derivatives:
Several security issues were fixed in PostgreSQL.
Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled authentication timeouts. A remote attacker could use this flaw to cause the unauthenticated session to crash, possibly leading to a security issue. (CVE-2015-3165)
Noah Misch discovered that PostgreSQL incorrectly handled certain standard library function return values, possibly leading to security issues. (CVE-2015-3166)
Noah Misch discovered that the pgcrypto function could return different error messages when decrypting using an incorrect key, possibly leading to a security issue. (CVE-2015-3167)
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.