Security Advisories (2)
CVE-2009-1341 (2009-04-30)

Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA columns.

CVE-2012-1151 (2012-09-09)

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.

Changes for version 1.42

  • Fix minor issues with copying and bytea quoting on older servers. Fix some other memory leaks. [GSM]
  • Fix backslash parsing in statements (CPAN bug #12870) [felix.klee@inka.de] [GSM]
  • Make rollback/commit reset copy state (CPAN bug #12866) [imb@rentrak.com] [GSM]
  • Make sure lo_creat issues a begin if necessary [GSM]
  • Fix incorrect behavior when AutoCommit switched on. (CPAN bug #12748) [thanks to Vivek Khera] [GSM]
  • Have last_insert_id use set_err, not die. (CPAN bug #12503) [thanks to Alexandra Walford] [GSM]
  • Fixed tests to correctly handle older DBI versions reporting failures on last_insert_id() (CPAN bug #12204) [jpo@di.uminho.pt] [GSM]
  • Re-enable REMARKS field on column_info (CPAN bug #12399) [thanks to morni@cpan.org] [GSM]
  • Many minor compiler optimizations and cleanups [GSM]
  • Fix two separate memory leaks in dbdimp.c [hertzog@debian.org and richardg@eSentire.com]
  • Change VARCHAROID to UNKNOWNOID, suggested by users on mailing list [GSM]

Modules

PostgreSQL database driver for the DBI module

Provides

in Pg.pm