~ubuntu-security/ubuntu-cve-tracker/master

PublicDateAtUSN: 2008-01-09
PublicDate: 2008-01-09
Candidate: CVE-2007-4772
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772
 http://www.ubuntu.com/usn/usn-568-1
Description:
 The regular expression parser in TCL before 8.4.17, as used in PostgreSQL
 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before
 7.4.19, allows context-dependent attackers to cause a denial of service
 (infinite loop) via a crafted regular expression.
Ubuntu-Description: 
Notes: 
Bugs: 
 https://bugs.launchpad.net/ubuntu/+source/postgresql/+bug/181720
 https://bugs.launchpad.net/bugs/199114
Priority: low
Assigned-to: 

Patches_postgresql-8.1:
upstream_postgresql-8.1: 
dapper_postgresql-8.1: released (8.1.11-0ubuntu0.6.06.1)
edgy_postgresql-8.1: released (8.1.11-0ubuntu0.6.10.1)
feisty_postgresql-8.1: needed (reached end-of-life)
gutsy_postgresql-8.1: needed (reached end-of-life)
hardy_postgresql-8.1: DNE
intrepid_postgresql-8.1: DNE
jaunty_postgresql-8.1: DNE
karmic_postgresql-8.1: DNE
lucid_postgresql-8.1: DNE
maverick_postgresql-8.1: DNE
natty_postgresql-8.1: DNE
oneiric_postgresql-8.1: DNE
precise_postgresql-8.1: DNE
quantal_postgresql-8.1: DNE
raring_postgresql-8.1: DNE
devel_postgresql-8.1: DNE

Patches_postgresql-8.2:
upstream_postgresql-8.2: 
dapper_postgresql-8.2: DNE
edgy_postgresql-8.2: DNE
feisty_postgresql-8.2: released (8.2.6-0ubuntu0.7.04.1)
gutsy_postgresql-8.2: released (8.2.6-0ubuntu0.7.10.1)
hardy_postgresql-8.2: released (8.2.6-1)
intrepid_postgresql-8.2: DNE
jaunty_postgresql-8.2: DNE
karmic_postgresql-8.2: DNE
lucid_postgresql-8.2: DNE
maverick_postgresql-8.2: DNE
natty_postgresql-8.2: DNE
oneiric_postgresql-8.2: DNE
precise_postgresql-8.2: DNE
quantal_postgresql-8.2: DNE
raring_postgresql-8.2: DNE
devel_postgresql-8.2: DNE

Patches_tcl8.4:
 upstream: http://tcl.cvs.sourceforge.net/tcl/tcl/generic/regc_nfa.c?r1=1.9&r2=1.10
 upstream: http://tcl.cvs.sourceforge.net/viewvc/tcl/tcl/tests/regexp.test?r1=1.22.2.3&r2=1.22.2.4
upstream_tcl8.4: not-affected (8.4.17)
dapper_tcl8.4: ignored (reached end-of-life)
edgy_tcl8.4: needed (reached end-of-life)
feisty_tcl8.4: needed (reached end-of-life)
gutsy_tcl8.4: needed (reached end-of-life)
hardy_tcl8.4: ignored (reached end-of-life)
intrepid_tcl8.4: not-affected (8.4.19-2)
jaunty_tcl8.4: not-affected (8.4.19-2)
karmic_tcl8.4: not-affected (8.4.19-2)
lucid_tcl8.4: not-affected (8.4.19-2)
maverick_tcl8.4: not-affected (8.4.19-2)
natty_tcl8.4: not-affected (8.4.19-2)
oneiric_tcl8.4: not-affected (8.4.19-2)
precise_tcl8.4: not-affected (8.4.19-2)
quantal_tcl8.4: not-affected (8.4.19-2)
raring_tcl8.4: not-affected (8.4.19-2)
devel_tcl8.4: not-affected (8.4.19-2)

Patches_tcl8.5:
upstream_tcl8.5: not-affected (8.5.1)
dapper_tcl8.5: DNE
edgy_tcl8.5: DNE
feisty_tcl8.5: DNE
gutsy_tcl8.5: DNE
hardy_tcl8.5: not-affected (8.5.0-2ubuntu1)
intrepid_tcl8.5: not-affected (8.5.3-1)
jaunty_tcl8.5: not-affected (8.5.3-1)
karmic_tcl8.5: not-affected (8.5.3-1)
lucid_tcl8.5: not-affected (8.5.3-1)
maverick_tcl8.5: not-affected (8.5.3-1)
natty_tcl8.5: not-affected (8.5.3-1)
oneiric_tcl8.5: not-affected (8.5.3-1)
precise_tcl8.5: not-affected (8.5.3-1)
quantal_tcl8.5: not-affected (8.5.3-1)
raring_tcl8.5: not-affected (8.5.3-1)
devel_tcl8.5: not-affected (8.5.3-1)

Patches_tcl8.3:
 vendor: https://rhn.redhat.com/errata/RHSA-2008-0134.html
upstream_tcl8.3: needs-triage
dapper_tcl8.3: ignored (reached end-of-life)
edgy_tcl8.3: needed (reached end-of-life)
feisty_tcl8.3: needed (reached end-of-life)
gutsy_tcl8.3: needed (reached end-of-life)
hardy_tcl8.3: ignored (reached end-of-life)
intrepid_tcl8.3: not-affected (8.3.5-13)
jaunty_tcl8.3: not-affected (8.3.5-13)
karmic_tcl8.3: not-affected (8.3.5-13)
lucid_tcl8.3: not-affected (8.3.5-13)
maverick_tcl8.3: not-affected (8.3.5-13)
natty_tcl8.3: not-affected (8.3.5-13)
oneiric_tcl8.3: DNE
precise_tcl8.3: DNE
quantal_tcl8.3: DNE
raring_tcl8.3: DNE
devel_tcl8.3: DNE