PostgreSQL Users Face Serious Security Vulnerability Issue
Users of the PostgreSQL database application are currently facing a frustrating situation due to a severe security vulnerability within the application itself.
According to the developers, the newly discovered security flaw can be exploited for SQL Injection attacks and affects all versions of the PostgreSQL database application.
However, installing the patch released last week may cause users' applications to malfunction.
PostgreSQL’s lead developer, Josh Berkus, confirmed that six PostgreSQL developers are currently working hard to release, within the next four weeks, a new patch that won’t disrupt applications.
On the other hand, PostgreSQL application developers who use multi-byte encoding such as SJIS, BIG5, GBK, GB18030, and UHC will be fortunate, as they only need to make minor adjustments to their applications to ensure compatibility with the security patch. They just need to remove any non-standard character strings like the “slash” character…
Berkus also mentioned that because the patch affects operational functions on client systems, PostgreSQL administrators will need to install additional new drivers. The new version of the application drivers is expected to be released in the coming days.
HVD