In association with heise online

07 February 2007, 12:51

New versions of PostgreSQL

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The vendor of PostgreSQL has taken care of two holes that attackers can exploit to crash a system and possibly even to gain access to sensitive data. Both PostgreSQL 7 and 8 are affected. The problems have been remedied in 8.0.11, 7.4.16, and 7.3.13, but versions 8.2.2 and 8.1.7, also released as a remedy for the flaws, seem to have troubles of their own.

According to a posting on the PGSQL-announce mailing list, 8.2.2 and 8.1.7 have serious issues with variable-length datatypes when used with type constraints or expression indexes. The PGSQL developers advise admins to wait for new minor releases for their 8.2 and 8.1 versions, presumably 8.2.3 and 8.1.8, which are to be released within the next two days.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit