Support / Security / Advisories / Corporate Server 4.0 / MDVSA-2009:255

Package name: perl-DBD-Pg
Date: 2009-10-02
Advisory ID: MDVSA-2009:255
Affected versions: CS4.0 x86_64 , CS4.0 i586

Problem description

A vulnerability was discovered and corrected in perl-DBD-Pg:

Heap-based buffer overflow in the DBD::Pg module for Perl might allow
context-dependent attackers to execute arbitrary code via unspecified
input to an application that uses the getline and pg_getline functions
to read database rows.

This update provides a fix for this vulnerability.

Updated packages

CS4.0 x86_64

 341998c53e860a0ea02c32fb62baa8e0  corporate/4.0/x86_64/perl-DBD-Pg-1.43-2.1.20060mlcs4.x86_64.rpm 
 4bc29785b1dfd8449775ddbbcce697f6  corporate/4.0/SRPMS/perl-DBD-Pg-1.43-2.1.20060mlcs4.src.rpm

CS4.0 i586

 e3c38bea68b6e9fe28cc153b3c948c4b  corporate/4.0/i586/perl-DBD-Pg-1.43-2.1.20060mlcs4.i586.rpm 
 4bc29785b1dfd8449775ddbbcce697f6  corporate/4.0/SRPMS/perl-DBD-Pg-1.43-2.1.20060mlcs4.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663