Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: New PostgreSQL versions released (SQL injection issue with multi-byte encodings) - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New PostgreSQL versions released (SQL injection issue with multi-byte encodings)
Would be a good idea to check any PostgreSQL installations (full, embedded, and drivers).

The following new versions are available:
7.3.15, 7.4.13, 8.0.8, 8.1.4

Updated drivers for ODBC, Ruby, Perl, .Net, and C++ will be released shortly.

I'll update the diary with info on any good tools to test installations for this issue.

References:
http://www.newsforge.com/article.pl?sid=06/05/23/2141246
http://www.postgresql.org/docs/techdocs.52
http://shiflett.org/archive/184

Robert

49 Posts

Sign Up for Free or Log In to start participating in the conversation!