Advisories for Gem/Kajam package

There is s a flaw in /dataset/lib/dataset/database/postgresql.rb that is triggered as the program exposes the MySQL or PostgreSQL password in the process list. This may allow a local attacker to gain access to password information.

There is a flaw in /dataset/lib/dataset/database/postgresql.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands.