Ubuntu Versions 8.04 and 8.10: Moderate PyGreSQL SQL Injection Risk
ubuntu
December 11, 2009
A flaw in PyGreSQL enables SQL injection vulnerabilities in Ubuntu distributions. To mitigate this security concern, ensure that python-pygresql is updated to the latest version.
Steffen Joeris discovered that PyGreSQL 3.8 did not use PostgreSQL's safestring and bytea functions in its own escaping functions