EMS logo

Products Navigation

choose your database tool

Our Partnership Status

Microsoft Certified Partner
Oracle Certified Partner
Embarcadero Technology Partner

SQL Industry News

PostgreSQL News

05/11/2005
PostgreSQL Security Releases

In order to address several security issues identified over the past two weeks, as well as one "low probability" race condition, PostgreSQL Development Team released new version of PostgreSQL as far back as the 7.2.x branch.

Please note that the security issues were those already reported by Tom Lane, as well as a manual fix for them. These releases are mainly to ensure that those installing and/or upgrading existing installations have those fixes automatically.

For details on the fixes, please see the HISTORY file included in the Release, but a summary consists of:

  • Change encoding function signature to prevent misuse
  • Change "contrib/tsearch2" to avoid unsafe use of INTERNAL function results
  • Repair race condition between relation extension and VACUUM
    This could theoretically have caused loss of a page's worth of freshly-inserted data, although the scenario seems of very low probability. There are no known cases of it having caused more than an Assert failure.

Downloads are available via download page.

Please report any bugs to: pgsql-bugs@postgresql.org

Source: www.postgresql.org.

twitterfacebook