« back to all changes in this revision
Viewing changes to src/include/pg_config.h.in
- Committer: Package Import Robot
- Date: 2016-02-11 15:44:43 UTC
- mfrom: (1.1.14) (18.1.4 trusty-security)
- Revision ID: package-import@ubuntu.com-20160211154443-4ble5sr317jm0cm6
* New upstream security/bug fix release: (LP: #1544576)
- Fix infinite loops and buffer-overrun problems in regular expressions.
Very large character ranges in bracket expressions could cause infinite
loops in some cases, and memory overwrites in other cases.
(CVE-2016-0773)
- Prevent certain PL/Java parameters from being set by non-superusers.
This change mitigates a PL/Java security bug (CVE-2016-0766), which was
fixed in PL/Java by marking these parameters as superuser-only. To fix
the security hazard for sites that update PostgreSQL more frequently
than PL/Java, make the core code aware of them also.
- See release notes for details about other fixes.
- Fix infinite loops and buffer-overrun problems in regular expressions.
Very large character ranges in bracket expressions could cause infinite
loops in some cases, and memory overwrites in other cases.
(CVE-2016-0773)
- Prevent certain PL/Java parameters from being set by non-superusers.
This change mitigates a PL/Java security bug (CVE-2016-0766), which was
fixed in PL/Java by marking these parameters as superuser-only. To fix
the security hazard for sites that update PostgreSQL more frequently
than PL/Java, make the core code aware of them also.
- See release notes for details about other fixes.
- files added:
- doc/src/sgml/html/release-9-1-20.html
- files removed:
- src/test/regress/expected/json_1.out
- files modified:
- COPYRIGHT
added
removed
src/include/pg_config.h.in
