postgresql -- buffer overflow

ID DSA-397
Type debian
Reporter Debian
Modified 2003-11-07T00:00:00


Tom Lane discovered a buffer overflow in the to_ascii function in PostgreSQL. This allows remote attackers to execute arbitrary code on the host running the database.

For the stable distribution (woody) this problem has been fixed in version 7.2.1-2woody4.

The unstable distribution (sid) does not contain this problem.

We recommend that you upgrade your postgresql package.