View Single Post
  #1   (View Single Post)  
Old 7th February 2013
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default PostgreSQL updates to close denial-of-service hole

From http://h-online.com/-1799938

Quote:
A misdeclared enum_recv function within PostgreSQL meant that a simple SQL command was all that was needed to crash PostgreSQL. The hole, assigned the number CVE-2013-0255 for easy identification, could be used to examine the contents of server memory, at least in theory. The PostgreSQL developers have therefore announced the release of updates to PostgreSQL 9.2, 9.1, 9.0, 8.4 and 8.3 to fix the bug and close the hole.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote