spurious.biz ::> IT Department ::> News ::> News-flash 98
secure@  
mine for 
print view
Departments
Corporate network
latest IT news
  • 2005-10-22: Webmail preferences accidentally deleted
  • 2005-09-11: majimoto.net RSS feed
  • 2005-03-30: Cracker attack on spurious.biz network
  • 2005-02-11: phpMyAdmin update
  • 2005-02-11: Webmail update
Read more... RSS feed
availability
spurious business is always available!
 

 News-flash 98 

2004-06-10: cvs and postgresql fixes

cvs (1.11.1p1debian-9woody6) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upsteram patch by Derek Robert Price to fix another vulnerability based on a malformed Entry. [debian/patches/66_CAN-2004-0414] * Only bumped the version number so the package gets rebuild after diskspace issues on klecker -- Martin Schulze Fri, 28 May 2004 06:51:26 +0200 cvs (1.11.1p1debian-9woody5) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upsteram patch by Derek Robert Price to fix another vulnerability based on a malformed Entry. [debian/patches/66_CAN-2004-0414] -- Martin Schulze Fri, 21 May 2004 16:05:01 +0200 postgresql (7.2.1-2woody5) stable-security; urgency=low * Fixed buffer overflow in ODBC driver (src/interfaces/odbc/): added parameter for target buffer size to make_string() to prevent buffer overflows and corrected all calls to it. This fixes #247306 for woody (bug was already closed with the upload to sid). With previous versions it was possible to crash (and possibly exploit) e. g. apache if a PHP script connected to a ODBC database with very long credential strings (DSN, username, password, etc.). Other parts of postgresql are not affected. -- Martin Pitt Thu, 13 May 2004 11:00:07 +0200

Rating: 
Duration: none Priority: non-critical Problem type: unknown Affected host(s): bikr,darourat

Back to News

 
26 Mar 2024, 08:13:15
© 2002-2022 spurious.biz