In association with heise online

18 March 2009, 12:07

Security update for PostgreSQL

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

PostgreSQL logo The PostgreSQL developers have released new versions of the open source, object oriented, relational database. The new versions, 8.3.7, 8.2.13,8.1.17,8.0.21 and 7.4.25, all address a recursion error that could cause the system to crash when converting data between different encodings. This error could be abused as part of a denial of service attack. The developers recommend [upgrading] updating] to the new versions.

The releases also include up to twelve minor bug fixes, including one in version 8.3 for xpath(). More details are available in the release notes. As with other minor releases, a backup and restore is not necessary. Administrators need only shut down the database and install the new binaries if they are only moving between sequential minor version. If users are upgrading to a higher major version or skipping a set of minor updates, they should refer to the release notes for instructions.

There are only binary versions of 8.2.13 and 8.3.7 for Windows, as 8.0 and 8.1 are no longer supported on the Microsoft operating system.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit