PostgreSQL contains several vulnerabilities which could lead to execution of arbitrary code, Denial of Service and security bypass.
|Package||dev-db/postgresql on all architectures|
|Affected versions||< 7.3.10, < 7.4.7, < 8.0.1|
|Unaffected versions||= 7.3*, = 7.4*, >= 8.0.1|
PostgreSQL is a SQL compliant, open source object-relational database management system.
PostgreSQL's contains several vulnerabilities:
An attacker could exploit this to execute arbitrary code with the privileges of the PostgreSQL server, bypass security restrictions and crash the server.
There is no know workaround at this time.
All PostgreSQL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose dev-db/postgresql
February 07, 2005
June 26, 2007: 06
remote and local