New Security Patches in Latest PostgreSQL Release

An update to PostgreSQL has been released that addresses several bugs including two security vulnerabilities. The patches in this release address a privilege escalation issue and another problem that allows an attacker to run arbitrary tcl scripts through the pltcl_modules table.

Even if you don’t have PostgreSQL in production, your developers might have stood up PostgreSQL instances internally as a cost-saving measure for their own development and test platforms.

References:
http://www.postgresql.org/about/news.1203

email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity

Share

Leave a Reply