| Revision Date: | 2019-01-25 | Version: | 1 | | Title: | CVE-2017-18359 on Ubuntu 18.10 (cosmic) - medium. | | Description: | PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted ST_AsX3D function input, as demonstrated by an abnormal server termination for "SELECT ST_AsX3D('LINESTRING EMPTY');" because empty geometries are mishandled.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2017-18359
| | Platform(s): | Ubuntu 18.10
| Product(s): | | | Definition Synopsis | | Ubuntu 18.10 (cosmic) is installed. AND Package Information
NOT liblwgeom-2.4-0 package in cosmic, while related to the CVE in some way, is not affected.
OR NOT postgis package in cosmic, while related to the CVE in some way, is not affected.
OR NOT postgis-gui package in cosmic, while related to the CVE in some way, is not affected.
OR NOT postgresql-10-postgis-2.4 package in cosmic, while related to the CVE in some way, is not affected.
OR NOT postgresql-10-postgis-2.4-scripts package in cosmic, while related to the CVE in some way, is not affected.
OR NOT postgresql-10-postgis-scripts package in cosmic, while related to the CVE in some way, is not affected.
|
|