[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

MDVSA-2012:026 -- Mandriva postgresql

ID: oval:org.secpod.oval:def:302874Date: (C)2012-12-11   (M)2024-02-19
Class: PATCHFamily: unix




Multiple vulnerabilities has been discovered and corrected in postgresql: Permissions on a function called by a trigger are not properly checked . SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities . Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file . This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.

Platform:
Mandriva Linux 2011.0
Mandriva Linux 2010.1
Product:
postgresql
Reference:
MDVSA-2012:026
CVE-2012-0868
CVE-2012-0866
CVE-2012-0867
CVE    3
CVE-2012-0868
CVE-2012-0867
CVE-2012-0866
CPE    2
cpe:/o:mandriva:linux:2010.1
cpe:/o:mandriva:linux:2011.0

© SecPod Technologies