schema into anything else.
Very useful for people who want to migrate big databases from one system
to another, or who use different database engines for testing/production.
Can be used from perl as a set of modules, or through a command-line
interface (sqlt).
Fixes a status file handling buffer overflow in slurpd.
More information:
http://secunia.com/advisories/20126/
Remove obsolete MODGNU_SHARED_LIBS stuff.
ok mbalmer@ (MAINTAINER)
Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties
database tables and classes together for business objects, like Customer
or Subscription, that can find, save, and destroy themselves without
resorting to manual SQL.
from msf
From mysql ChangeLog:
An SQL-injection security hole has been found in multi-byte encoding
processing. The bug was in the server, incorrectly parsing the string
escaped with the mysql_real_escape_string() C API function. (Bug#8378)
Detailed information:
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-22.html
ok brad@
--
OCaml bindings to the SQLite 3 database access library. The current
version provides low level access to the SQL queries and data
transfer. Aggregate/user-defined SQL function support is not
implemented.
This module implements an OO-interface to database schemas. Using this
module, you can create a database schema with an OO Perl interface. You
can read the schema from an existing database. You can save the schema
to disk and restore it a different process. Most importantly,
DBIx::DBSchema can write SQL CREATE statements statements for different
databases from a single source.
Directory Assistant is a small application for managing a LDAP address
book. The focus is to create a very easy to use program, with only the
few but necessary features. The target is novice users that have their
addresses in an LDAP server.
If you want an advanced application targeted at power users, check out
databases/gq port.
From Joerg Zinke <umaxx@oleco.net>
Vulnerabilities in PostgreSQL SET ROLE/SET SESSION AUTHORIZATION
By issuing SET ROLE with a specially crafted argument, it is possible
for any logged-in database user to acquire the privileges of any other
database user, including superusers. Database superuser status allows
access to the machine's filesystem and hence might be used to mount
remote attacks against the rest of the server's operating system.
This error exists in PostgreSQL releases 8.1.0 - 8.1.2 and is fixed in 8.1.3.
The same underlying bug exists in SET SESSION AUTHORIZATION in all
releases back to 7.3. This variant cannot be exploited for privilege
escalation, because one must already be superuser to use SET SESSION
AUTHORIZATION. However, if the server has been compiled with Asserts
enabled (which is not the default), then it is possible to trigger an
Assert failure before the privilege check is reached. This would cause
a momentary denial of service to other database users. This is repaired
in PostgreSQL releases 8.1.3, 8.0.7, 7.4.12, and 7.3.14.
server package, so that the informationis always available and not only
when the docs package is installed. This was requested by many people.
SECURITY:
Version 8.1.2 fixes security and other problems that were present in 8.1.0.
See http://archives.postgresql.org/pgsql-announce/2006-01/msg00001.php for
details.