PostgreSQL contains several vulnerabilities which could lead to execution of arbitrary code, Denial of Service and security bypass.
Package | dev-db/postgresql on all architectures |
---|---|
Affected versions | < 7.3.10 < 7.4.7 < 8.0.1 |
Unaffected versions | = 7.3* = 7.4* >= 8.0.1 |
PostgreSQL is a SQL compliant, open source object-relational database management system.
PostgreSQL's contains several vulnerabilities:
An attacker could exploit this to execute arbitrary code with the privileges of the PostgreSQL server, bypass security restrictions and crash the server.
There is no know workaround at this time.
All PostgreSQL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose dev-db/postgresql
Release date
February 07, 2005
Latest revision
June 26, 2007: 06
Severity
normal
Exploitable
remote and local
Bugzilla entries