CVE-2009-2943
Published: 22 October 2009
The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
Priority
Status
Package | Release | Status |
---|---|---|
postgresql-ocaml
Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Released
(1.7.0-3+lenny1build0.8.10.1)
|
|
jaunty |
Released
(1.7.0-3+lenny1build0.9.04.1)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Not vulnerable
(1.12.1-2)
|
|
maverick |
Not vulnerable
(1.12.1-2)
|
|
natty |
Not vulnerable
(1.12.1-2)
|
|
oneiric |
Not vulnerable
(1.12.1-2)
|
|
upstream |
Released
(1.12.1-2)
|