Security 10808 Published by

MandrakeSoft has released a security update for postgresql



The previous update missed a few small fixes, including a buffer overflow in the cash_words() function that allows local users to cause a DoS and possibly execute arbitrary code via a malformed argument in Postgresql 7.2 and earlier. As well, buffer overflows in the TZ and SET TIME ZONE environment variables for Postgresql 7.2.1 and earlier can allow local users to cause a DoS and possibly execute arbitrary code.
Read more