The PostgreSQL Global Development Group today released versions 8.1.4, 8.0.8, 7.4.13 and 7.3.15. This is an urgent update to close a serious security hole which can permit a SQL injection attack on some applications running PostgreSQL.
Users are urged to apply the update as soon as reasonably possible. Since the update affects client functionality, most driver projects will be updating this week as well.
Because the security issue involved is complex, we have added a section in Techdocs to explain it. Please read this first before applying the updates.
Downloads are in the usual place. Binaries for some platforms should be already available.
This post has been migrated from a previous version of the PostgreSQL website. We apologise for any formatting issues caused by the migration.