PostgreSQL 7.2.2 security release
Submitted by charlie.collins on Mon, 08/26/2002 - 08:12
Tagged:
From:
"Marc G. Fournier" <scrappy@hub.org>
To:
pgsql-announce@postgresql.org
Subject:
[GENERAL] PostgreSQL 7.2.2: Security Release
Date:
Sat, 24 Aug 2002 00:22:17 -0300 (ADT)
Cc:
freebsd-databases@freebsd.org, <pgsql-general@postgresql.org>, Vince
No comments have been posted. Log in to post comments.
Vielhaber <vev@michvhf.com> Due to recent security vulnerabilities reported on BugTraq, concerning several buffer overruns found in PostgreSQL, the PostgreSQL Global Development Team today released v7.2.2 of PostgreSQL that fixes these vulnerabilities. The following buffer overruns have been identified and addressed: ... in handling long datetime input ... in repeat() ... in lpad() and rpad() with multibyte ... in SET TIME ZONE and TZ env var Although v7.2.2 is a purely plug-n-play upgrade from v7.2.1, requiring no dump-n-reload of the database, it should be noted that these vulnerabilities are only critical on "open" or "shared" systems, as they require the ability to be able to connect to the database before they can be exploited. The latest release is available at: ftp://ftp.postgresql.org/pub/sources/v7.2.2 As well as at appropriate mirror sites. Please report any bugs/problems with this release to: pgsql-bugs@postgresql.org Marc G. Fournier Co-ordinator PostgreSQL Global Development Group
No comments have been posted. Log in to post comments.
Recent comments
22 weeks 2 days ago
22 weeks 2 days ago
24 weeks 6 days ago
25 weeks 4 days ago
25 weeks 4 days ago
25 weeks 4 days ago
30 weeks 1 day ago
30 weeks 2 days ago
30 weeks 5 days ago
31 weeks 5 hours ago