Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[gentoo-announce] GLSA: PostgreSQL
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 16114
Location: Colorado

PostPosted: Tue Aug 27, 2002 4:54 am    Post subject: [gentoo-announce] GLSA: PostgreSQL Reply with quote

Daniel Ahlberg wrote:
- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------

PACKAGE :postgresql
SUMMARY :buffer overruns
DATE :2002-08-26 09:40 UTC

- - --------------------------------------------------------------------

OVERVIEW

Several buffer overruns found in PostgreSQL

DETAIL

The PostgreSQL Global Development Team has identified and
addressed the following buffer overruns in PostgreSQL:

* in handling long datetime input
* in repeat()
* in lpad() and rpad() with multibyte
* in SET TIME ZONE and TZ env var

More information can be found on the following adresses:

http://online.securityfocus.com/archive/1/288305/2002-08-16/2002-08-22/0
http://online.securityfocus.com/archive/1/288334/2002-08-16/2002-08-22/0

The advisory sent by The PostgreSQL Global Development Team can be read at

http://online.securityfocus.com/archive/1/288998/2002-08-23/2002-08-29/0

SOLUTION

It is recommended that all Gentoo Linux users who are running
dev-db/postgresql-7.2.1-r2 and earlier update their systems
as follows:

emerge rsync
emerge postgresql
emerge clean

postgresql-7.2.2 is currently only available for x86. Sparc and ppc will
be available when it's been tested on these archs.

- - --------------------------------------------------------------------
Daniel Ahlberg
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
- - --------------------------------------------------------------------


Mailing List Archive: http://lists.gentoo.org/pipermail/gentoo-announce/2002-August/000195.html
_________________
lolgov. 'cause where we're going, you don't have civil liberties.

In Loving Memory
1787 - 2008
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum