Ubuntu Security Notice 933-1 – It was discovered that PostgreSQL did not properly sanitize its input when using substring() with a SELECT statement. A remote authenticated attacker could exploit this to cause a denial of service via application crash.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/89057/USN-933-1.txt
Source: https://packetstormsecurity.com/files/89057/Ubuntu-Security-Notice-933-1.html