« back to all changes in this revision
Viewing changes to src/interfaces/libpq/fe-connect.c
- Committer: Package Import Robot
- Date: 2013-02-05 18:13:52 UTC
- mfrom: (1.1.10) (10.1.5 oneiric-proposed)
- Revision ID: package-import@ubuntu.com-20130205181352-3kw4f94ilqklzm7c
* New upstream security/bug fix release: (LP: #1116336)
- Prevent execution of enum_recv from SQL
The function was misdeclared, allowing a simple SQL command to crash the
server. In principle an attacker might be able to use it to examine the
contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP)
for reporting this issue. (CVE-2013-0255)
- See HISTORY/changelog.gz for the other bug fixes.
- Prevent execution of enum_recv from SQL
The function was misdeclared, allowing a simple SQL command to crash the
server. In principle an attacker might be able to use it to examine the
contents of server memory. Our thanks to Sumit Soni (via Secunia SVCRP)
for reporting this issue. (CVE-2013-0255)
- See HISTORY/changelog.gz for the other bug fixes.
- files added:
- doc/src/sgml/html/release-8-3-21.html
- files modified:
- .pc/50-per-version-dirs.patch/src/Makefile.global.in
added
removed
src/interfaces/libpq/fe-connect.c
