View Single Post
  #1   (View Single Post)  
Old 17th May 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,128
Default PostgreSQL developers fix vulnerabilities

From http://www.h-online.com/security/new...s-1001307.html

Quote:
PostgreSQL 7 and 8 users are advised to update their installations as the development team has released new versions which fix a vulnerability classed as moderately severe in PL/perl and PL/tcl. CVE-2010-1169, CVE-2010-1447 and CVE-2010-1170 reports detail the vulnerabilities involved.

The changes include the removal of the Safe.pm module, which acted as a kind of sandbox for Perl programs. Instead, PostgreSQL code now includes a hard-wired list of permissible Perl operators. According to the release notes, one side effect of this is that stored procedures written in Perl now compile more quickly.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote