Summary
The remote host is missing an update to ocaml-postgresql announced via advisory FEDORA-2009-10633.
Solution
Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update ocaml-postgresql' at the command line.
For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10633
Insight
Update Information:
- New upstream version 1.12.3. - This contains a SECURITY fix for:
https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml-postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_string method.
ChangeLog:
* Fri Oct 16 2009 Richard W.M. Jones - 1.12.3-1.fc11.2 - Fix build process for new upstream tarball layout.
* Fri Oct 16 2009 Richard W.M. Jones - 1.12.3-1
- New upstream version 1.12.3.
- This contains a SECURITY fix for:
https://bugzilla.redhat.com/show_bug.cgi?id=529325 CVE-2009-2943 ocaml-postgresql: Missing escape function (DSA-1909-1) HOWEVER you are not protected until you change your code to use the new connection#escape_string method.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-2943 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities