Forum OpenACS Development: PG to_ascii

Posted by Andrei Popov on
Am sure that all have seen it, but in case:
--------------------------------------------------------------------------
Debian Security Advisory DSA 397-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
November 7th, 2003                      http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : postgresql
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2003-0901
Bugtraq ID     : 8741

Tom Lane discovered a buffer overflow in the to_ascii function in
PostgreSQL.  This allows remote attackers to execute arbitrary code on
the host running the database.

For the stable distribution (woody) this problem has been fixed in
version 7.2.1-2woody4.

The unstable distribution (sid) does not contain this problem.

We recommend that you upgrade your postgresql package.
[ snip ]