PostgresSQL: Security Holes Closed
Versions 9.1.3, 9.0.7, 8.4.11 and 8.3.18 correct a problem that prevented permission checks from being performed and a bug that may result in the successful verification of a spoofed SSL certificate. An input sanitisation error that could be used to execute code when loading a pg_dump file has also been fixed.
These vulnerabilities could be exploited by an attacker to bypass some security restrictions or conduct spoofing attacks and manipulate data. Versions up to and including 9.1.2, 9.0.6, 8.4.10 and 8.3.17 are affected; all users are advised to upgrade.
Read More from the H Online: http://www.h-online.com/security/news/item/PostgreSQL-updates-close-security-holes-1444327.html
- Installing Postgres (PostgreSQL) in Cpanel Server (pankajkhalkar.wordpress.com)
- PostgreSQL Plus Cloud Database (i-programmer.info)
- New ‘HTTPS Everywhere’ Version Warns Users About Web Security Holes (bespacific.com)