Security Advisories (2)
CVE-2009-1341 (2009-04-30)

Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA columns.

CVE-2012-1151 (2012-09-09)

Multiple format string vulnerabilities in dbdimp.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.

Changes for version 1.40

  • Raise required DBI version to 1.38
  • Execute returns 0 (0E0) not -1 for successful DDL commands. [Robert Treat]
  • Change all string lengths to use STRLEN [rink@stack.nl]
  • Added $dbh->pg_server_trace($fh) [Greg Sabino Mullane]
  • Added $dbh->{pg_errorlevel}. [Greg Sabino Mullane]
  • Fix utf8 quote() support [Dominic Mitchell <dom@semantico.com>]
  • Added explicit support for types SQL_BOOLEAN, DATE, TIME, TIMESTAMP, and TIMESTAMPTZ. Return correct values for DATEOID and TIMEOID. [Greg Sabino Mullane]
  • Added tablespace support for table_info and primary_key_info. [Greg Sabino Mullane]
  • Added new attributes to $dbh: pg_db, pg_user, pg_pass, pg_host, pg_port, pg_options, pg_socket, pg_pid [Greg Sabino Mullane]
  • Minor fixes in quote.c, dbdimp.c, and types.h [Christophe Martin: schplurtz at free.fr]
  • Added support for SQLSTATE via $dbh->state and $sth->state [Greg Sabino Mullane]
  • Major overhaul of prepare/execute to handle new server-side prepare system. See Pg.pm for details. [Greg Sabino Mullane]
  • Make the tests honor the DBD_SCHEMA variable instead of assuming that the "public" schema is available. [Rainer Weikusat]
  • dbdimp.c cleanups: better error messages, ensure commit is only called once after a transaction fails. [Alexey Slynko]
  • primary_key() returns empty list not undef if no match. [Julian Mehnle]
  • Added the pg_protocol database handle attribute [Greg Sabino Mullane]
  • Changed "noprefix" to pg_noprefix

Modules

PostgreSQL database driver for the DBI module

Provides

in Pg.pm