Launchpad.net

CVE 2013-1900

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."

Related bugs and status

CVE-2013-1900 (Candidate) is related to these bugs:

Bug #1163184: New upstream microreleases 9.1.9, 8.4.17

		In	Importance	Status
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-9.1 (Ubuntu)	Critical	Fix Released
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-9.1 (Ubuntu Raring)	Critical	Fix Released
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-9.1 (Ubuntu Oneiric)	Undecided	Fix Released
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-9.1 (Ubuntu Quantal)	Undecided	Fix Released
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-9.1 (Ubuntu Precise)	Undecided	Fix Released
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-8.4 (Ubuntu)	Undecided	Invalid
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-8.4 (Ubuntu Lucid)	Medium	Fix Released
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-8.4 (Ubuntu Precise)	Undecided	Fix Released
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-8.3 (Ubuntu)	Medium	Fix Released
1163184	New upstream microreleases 9.1.9, 8.4.17	postgresql-8.3 (Ubuntu Raring)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-1900

Related bugs and status

Related bugs

References