Mandriva Linux Security Advisory 2009-344 – Heap-based buffer overflow in the DBD::Pg module for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows. Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA columns. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides a fix for these vulnerabilities.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/84437/MDVSA-2009-344.txt
Source: https://packetstormsecurity.com/files/84437/Mandriva-Linux-Security-Advisory-2009-344.html