Fix buffer overrun after incomplete read in pullf_read_max().
Most callers pass a stack buffer. The ensuing stack smash can crash the
server, and we have not ruled out the viability of attacks that lead to
privilege escalation. Back-patch to 9.0 (all supported versions).
Marko Tiikkaja
Security: CVE-2015-0243
Branch
------
REL9_0_STABLE
Details
-------
http://git.postgresql.org/pg/commitdiff/ce6f261cd2df5f166ee21d54c4ad13f535193035
Modified Files
--------------
contrib/pgcrypto/expected/pgp-info.out | 3 ++-
contrib/pgcrypto/expected/pgp-pubkey-decrypt.out | 25 ++++++++++++++++++++++
contrib/pgcrypto/mbuf.c | 1 +
contrib/pgcrypto/sql/pgp-pubkey-decrypt.sql | 25 ++++++++++++++++++++++
4 files changed, 53 insertions(+), 1 deletion(-)
Есть вопросы? Напишите нам!
Соглашаюсь с условиями обработки персональных данных
✖
By continuing to browse this website, you agree to the use of cookies. Go to Privacy Policy.
