GLSA-200502-19 : PostgreSQL: Buffer overflows in PL/PgSQL parser
Medium Nessus Plugin ID 16460
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200502-19 (PostgreSQL: Buffer overflows in PL/PgSQL parser)
PostgreSQL is vulnerable to several buffer overflows in the PL/PgSQL parser.
A remote attacker could send a malicious query resulting in the execution of arbitrary code with the permissions of the user running PostgreSQL.
There is no known workaround at this time.
SolutionAll PostgreSQL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose dev-db/postgresql