
Fedora 11 advisory: Ocaml-Postgresql 1.12.3 Critical Escape Issue

November 10, 2009
Fedora 11 update notification: ocaml-postgresql 1.12.3 carries a security fix for a missing escape function (CVE-2009-2943).
- New upstream version 1.12.3

Summary

This OCaml-library provides an interface to PostgreSQL, an efficient and reliable, open source, relational database. Almost all functionality available through the C-API (libpq) is replicated in a type-safe way. This library uses objects for representing database connections and results of queries.

Update Information:

- New upstream version 1.12.3.
- This contains a SECURITY fix for: https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml-postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_string method.
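What that code change looks like, as an added example (not taken from the advisory or from ocaml-postgresql's own sources). It assumes a hypothetical users(name, email) table and a libpq conninfo string passed as the first command-line argument.

```ocaml
(* Added example. Assumptions: a table users(name text, email text) and a
   reachable PostgreSQL server described by the conninfo string in argv. *)

(* BEFORE: the value is spliced into the SQL text unescaped, so a quote
   character in [name] ends the string literal early. Installing the
   updated package does not change what this function produces. *)
let unsafe_query (name : string) : string =
  "SELECT email FROM users WHERE name = '" ^ name ^ "'"

(* AFTER: connection#escape_string (the method added in 1.12.3) escapes the
   value for use inside a single-quoted SQL literal on this connection.
   The type annotation is needed because the method has optional arguments. *)
let safe_query (conn : Postgresql.connection) (name : string) : string =
  "SELECT email FROM users WHERE name = '" ^ conn#escape_string name ^ "'"

let () =
  let conninfo = if Array.length Sys.argv > 1 then Sys.argv.(1) else "" in
  let conn = new Postgresql.connection ~conninfo () in
  let name = "O'Brien" in (* constructed sample input containing a quote *)
  print_endline ("unescaped: " ^ unsafe_query name);
  print_endline ("escaped:   " ^ safe_query conn name);
  (try
     let res =
       conn#exec ~expect:[Postgresql.Tuples_ok] (safe_query conn name) in
     for row = 0 to res#ntuples - 1 do
       print_endline (res#getvalue row 0)
     done
   with Postgresql.Error e ->
     (* e.g. the hypothetical users table does not exist *)
     prerr_endline (Postgresql.string_of_error e));
  conn#finish
```

Every call site that builds SQL by concatenation needs the same change; searching the code base for string concatenation next to `#exec` calls is a practical way to find them.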

Change Log

* Fri Oct 16 2009 Richard W.M. Jones - 1.12.3-1.fc11.2
- Fix build process for new upstream tarball layout.
* Fri Oct 16 2009 Richard W.M. Jones - 1.12.3-1
- New upstream version 1.12.3.
- This contains a SECURITY fix for: https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml-postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_string method.

References


[1] Bug #529325 - CVE-2009-2943 ocaml-postgresql: Missing escape function (DSA-1909-1)
    https://bugzilla.redhat.com/show_bug.cgi?id=529325

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update ocaml-postgresql' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity: critical

Name: ocaml-postgresql
Product: Fedora 11
Version: 1.12.3
Release: 1.fc11.2
URL:
Summary: OCaml library for accessing PostgreSQL databases
