7f54aaa474
A vulnerability allows suppressing the normal checks that a SQL function returns the data type it's declared to do. These errors can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access. [CVE-2007-0555] A vulnerability involving changing the data type of a table column can easily be exploited to cause a backend crash, and in principle might be used to read database content that the user should not be able to access. [CVE-2007-0556] The release includes a set of other fixes as well. Please see the release information at http://www.postgresql.org/docs/8.2/static/release-8-2-2.html Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 Security: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 |
||
|---|---|---|
| .. | ||
| files | ||
| distinfo | ||
| Makefile | ||
| pkg-descr | ||
| pkg-install-server | ||
| pkg-plist | ||
| pkg-plist-client | ||
| pkg-plist-contrib | ||
| pkg-plist-plperl | ||
| pkg-plist-plpython | ||
| pkg-plist-pltcl | ||
| pkg-plist-server | ||