Description
- Security and bugfix release 9.0.16:
*Shore up GRANT ... WITH ADMIN OPTION restrictions
(CVE-2014-0060)
*Prevent privilege escalation via manual calls to PL
validator functions (CVE-2014-0061)
*Avoid multiple name lookups during table and index DDL
(CVE-2014-0062)
*Prevent buffer overrun with long datetime strings
(CVE-2014-0063)
*Prevent buffer overrun due to integer overflow in size
calculations (CVE-2014-0064)
*Prevent overruns of fixed-size buffers (CVE-2014-0065)
*Avoid crashing if crypt() returns NULL (CVE-2014-0066)
*Document risks of make check in the regression testing
instructions (CVE-2014-0067)