CVE-2007-6067

Publication date 9 January 2008

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

Status

Package Ubuntu Release Status
postgresql-8.1 8.10 intrepid Not in release
8.04 LTS hardy Not in release
7.10 gutsy Ignored end of life, was needed
7.04 feisty Ignored end of life, was needed
6.10 edgy
Fixed 8.1.11-0ubuntu0.6.10.1
6.06 LTS dapper
Fixed 8.1.11-0ubuntu0.6.06.1
postgresql-8.2 8.10 intrepid Not in release
8.04 LTS hardy
Fixed 8.2.6-1
7.10 gutsy
Fixed 8.2.6-0ubuntu0.7.10.1
7.04 feisty
Fixed 8.2.6-0ubuntu0.7.04.1
6.10 edgy Not in release
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-568-1
    • PostgreSQL vulnerabilities
    • 14 January 2008

Other references