[Slackbuilds-users] postgresql vulnerability
Nenad Spirkoski
spiki at verat.net
Mon Apr 30 11:04:55 UTC 2007
Bumping version builds ok... New download link:
ftp://ftp.postgresql.org/pub/source/v8.2.4/postgresql-8.2.4.tar.bz2
About the vuln:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138
http://secunia.com/advisories/25019/
http://www.postgresql.org/about/news.791
The PostgreSQL Global Development Group has released updates to patch a
privilege escalation exploit in SECURITY DEFINER functions. The fix is
available in 8.2.4, 8.1.9, 8.0.13, 7.4.17, and 7.3.19 and all users of this
feature are strongly urged to update to the latest minor version and follow
instructions on securing these functions as soon as possible. These minor
releases may also contain other fixes, so all users should review the release
notes an plan to deploy them as needed.
--
Linux: the choice of a GNU generation
-- ksh at cis.ufl.edu put this on Tshirts in '93
More information about the Slackbuilds-users
mailing list