Package: postgresl-8.0 Version: 8.0.2-1 Severity: grave Tags: security Justification: user security hole
The server creates a socket in /tmp, which is unsafe. Any local user can create a similar socket and impersonate the database server. This bug also breaks backwards comaptibility with old client libraries. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]