http://www.postgresql.org/about/news/1456/
> The PostgreSQL Global Development Group has released a security > update to all current versions of the PostgreSQL database system, > including versions 9.2.4, 9.1.9, 9.0.13, and 8.4.17. This update > fixes a high-exposure security vulnerability in versions 9.0 and > later. All users of the affected versions are strongly urged to apply > the update immediately. > > A major security issue fixed in this release, CVE-2013-1899, makes it > possible for a connection request containing a database name that > begins with "-" to be crafted that can damage or destroy files within > a server's data directory. Anyone with access to the port the > PostgreSQL server listens on can initiate this request. This issue > was discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open > Source Software Center. Mi sembra una notizia importante da segnalare a tutti considerata la diffusione di PostGIS. Aggiornate, aggiornate, aggiornate. Ciao steko _______________________________________________ [email protected] http://lists.gfoss.it/cgi-bin/mailman/listinfo/gfoss Questa e' una lista di discussione pubblica aperta a tutti. I messaggi di questa lista non hanno relazione diretta con le posizioni dell'Associazione GFOSS.it. 638 iscritti al 28.2.2013
