Information Security all in one place!

PostgresSQL: Security Holes Closed

The PostgreSQL development team has published updates for all actively supported branches of its open source relational database to fix bugs and close security holes found in the previous releases.

Versions 9.1.3, 9.0.7, 8.4.11 and 8.3.18 correct a problem that prevented permission checks from being performed and a bug that may result in the successful verification of a spoofed SSL certificate. An input sanitisation error that could be used to execute code when loading a pg_dump file has also been fixed.

These vulnerabilities could be exploited by an attacker to bypass some security restrictions or conduct spoofing attacks and manipulate data. Versions up to and including 9.1.2, 9.0.6, 8.4.10 and 8.3.17 are affected; all users are advised to upgrade.

Read More from the H Online: http://www.h-online.com/security/news/item/PostgreSQL-updates-close-security-holes-1444327.html

Related articles
About these ads

This entry was posted on February 29, 2012 by . It was filed under Enterprise, General Security, Hacking, Network Management, Network Security, Patching, Security, Security Advisory, Vulnerabilities, Zero-Day and was tagged with , , , , , , , , , , , , , , , .

One Response

  1. Pingback: client server architecture

Let's hear what you have to say.

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.