DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 17th May 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,116
Thanked 182 Times in 149 Posts
Default PostgreSQL developers fix vulnerabilities

From http://www.h-online.com/security/new...s-1001307.html

Quote:
PostgreSQL 7 and 8 users are advised to update their installations as the development team has released new versions which fix a vulnerability classed as moderately severe in PL/perl and PL/tcl. CVE-2010-1169, CVE-2010-1447 and CVE-2010-1170 reports detail the vulnerabilities involved.

The changes include the removal of the Safe.pm module, which acted as a kind of sandbox for Perl programs. Instead, PostgreSQL code now includes a hard-wired list of permissible Perl operators. According to the release notes, one side effect of this is that stored procedures written in Perl now compile more quickly.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
The top ten security holes for web developers J65nko News 1 26th April 2010 05:11 AM
Vulnerabilities in sudo closed J65nko News 0 1st March 2010 05:16 PM
75% of Linux code now written by paid developers J65nko News 4 22nd January 2010 03:42 AM
[survey] Developers' motivation ArjendeLangen Off-Topic 5 27th July 2009 03:56 AM
DNS Security: Old Vulnerabilities, New Exploits with Cricket Liu crayoxide Off-Topic 8 23rd July 2008 08:09 AM


All times are GMT. The time now is 07:43 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick