Hey frenzzz....
Available planned corrective updates for all supported branches of PostgreSQL: 9.1.3 (45 patches), 9.0.7, 8.4.11 and 8.3.18. Issue updates for the 8.2.x branch terminated, users are encouraged to upgrade to the newest branches. Support for PostgreSQL 8.3 will run until February 2013, 8.4 - July 2014, 9.0 - September 2015, 9.1 - September 2016In addition to affecting the stability correction of errors, a new release noted the elimination of the three vulnerabilities:* Lack of verification of access rights to the function when it is called from a trigger. Through the creation of a trigger, users can call the functions in the implementation of which they have no authority (right EXECUTE).* When checking the SSL-certificate, the certificate name truncated to 32 characters.* The names of objects to be placed in the comments box when you create a dump using pg_dump utility does not satisfy the screening of the characters carriage return and line feed, which could be used to initiate the implementation structures of the attacker while loading the dump.
Dont forget to share it... :)
Available planned corrective updates for all supported branches of PostgreSQL: 9.1.3 (45 patches), 9.0.7, 8.4.11 and 8.3.18. Issue updates for the 8.2.x branch terminated, users are encouraged to upgrade to the newest branches. Support for PostgreSQL 8.3 will run until February 2013, 8.4 - July 2014, 9.0 - September 2015, 9.1 - September 2016In addition to affecting the stability correction of errors, a new release noted the elimination of the three vulnerabilities:* Lack of verification of access rights to the function when it is called from a trigger. Through the creation of a trigger, users can call the functions in the implementation of which they have no authority (right EXECUTE).* When checking the SSL-certificate, the certificate name truncated to 32 characters.* The names of objects to be placed in the comments box when you create a dump using pg_dump utility does not satisfy the screening of the characters carriage return and line feed, which could be used to initiate the implementation structures of the attacker while loading the dump.
Dont forget to share it... :)
0 comments:
Post a Comment