{"id":218,"date":"2013-04-04T21:15:17","date_gmt":"2013-04-04T21:15:17","guid":{"rendered":"http:\/\/blogs.gentoo.org\/titanofold\/?p=218"},"modified":"2013-04-04T21:15:17","modified_gmt":"2013-04-04T21:15:17","slug":"one-severe-and-multiple-security-fixes-postgresql","status":"publish","type":"post","link":"https:\/\/blogs.gentoo.org\/titanofold\/2013\/04\/04\/one-severe-and-multiple-security-fixes-postgresql\/","title":{"rendered":"One Severe and Multiple Security Fixes – PostgreSQL"},"content":{"rendered":"

If you’re using dev-db\/postgresql-server, update now.<\/p>\n

CVE-2013-1899 <dev-db\/postgresql-server-{9.2.4,9.1.9,9.0.13}\r\n------------------------------------------------------------\r\nA connection request containing a database name that begins\r\nwith \"-\" may be crafted to damage or destroy files within a server's data directory.\r\n\r\nCVE-2013-1900 <dev-db\/postgresql-server-{9.2.4,9.1.9,9.0.13,8.4.17}\r\n-------------------------------------------------------------------\r\nRandom numbers generated by contrib\/pgcrypto functions may be easy for another\r\ndatabase user to guess\r\n\r\nCVE-2013-1901 <dev-db\/postgresql-server-{9.2.4,9.1.9}\r\n-----------------------------------------------------\r\nAn unprivileged user can run commands that could interfere with in-progress backups.<\/pre>\n","protected":false},"excerpt":{"rendered":"
If you’re using dev-db\/postgresql-server, update now. CVE-2013-1899 <dev-db\/postgresql-server-{9.2.4,9.1.9,9.0.13} ———————————————————— A connection request containing a database name that begins with “-” may be crafted to damage or destroy files within a server’s data directory. CVE-2013-1900 <dev-db\/postgresql-server-{9.2.4,9.1.9,9.0.13,8.4.17} ——————————————————————- Random numbers generated by contrib\/pgcrypto functions may be easy for another database user to guess CVE-2013-1901 <dev-db\/postgresql-server-{9.2.4,9.1.9} —————————————————– An … Continue reading One Severe and Multiple Security Fixes – PostgreSQL<\/span><\/a><\/p>\n","protected":false},"author":136,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[3,5,4],"tags":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p1tO5a-3w","_links":{"self":[{"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/posts\/218"}],"collection":[{"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/users\/136"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/comments?post=218"}],"version-history":[{"count":2,"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/posts\/218\/revisions"}],"predecessor-version":[{"id":220,"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/posts\/218\/revisions\/220"}],"wp:attachment":[{"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/media?parent=218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/categories?post=218"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.gentoo.org\/titanofold\/wp-json\/wp\/v2\/tags?post=218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}