Debian Security Advisory
DSA-2431-1 libdbd-pg-perl -- format string vulnerabilities
- Date Reported:
- 11 Mar 2012
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 661536.
In Mitre's CVE dictionary: CVE-2012-1151.
- More information:
Niko Tyni discovered two format string vulnerabilities in DBD::Pg, a Perl DBI driver for the PostgreSQL database server, which can be exploited by a rogue database server.
For the stable distribution (squeeze), this problem has been fixed in version 2.17.1-2+squeeze1.
For the unstable distribution (sid), this problem has been fixed in version 2.19.0-1.
We recommend that you upgrade your libdbd-pg-perl packages.