Hi, do we need to track all postgres-using packages that need to be changed for CVE-2006-2314? AIUI programs that use the old encoding simply don't work with the fixed versions of postgres. Or can this be exploited for SQL injection?
e.g. postfix 2.2.10-2: * Fix postgresql escaping function. See CVE-2006-2314. Closes: #369349 Cheers, Stefan _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
