| From: | tgl(at)postgresql(dot)org (Tom Lane) |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Fix bug in SET SESSION AUTHORIZATION that allows unprivileged |
| Date: | 2006-02-12 22:33:14 |
| Message-ID: | 20060212223314.B563D9DC8AC@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Log Message:
-----------
Fix bug in SET SESSION AUTHORIZATION that allows unprivileged users to crash
the server, if it has been compiled with Asserts enabled (CVE-2006-0553).
Thanks to Akio Ishida for reporting this problem.
Tags:
----
REL8_0_STABLE
Modified Files:
--------------
pgsql/src/backend/commands:
variable.c (r1.105.4.2 -> r1.105.4.3)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/commands/variable.c.diff?r1=1.105.4.2&r2=1.105.4.3)
pgsql/src/backend/utils/mb:
encnames.c (r1.22 -> r1.22.4.1)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/encnames.c.diff?r1=1.22&r2=1.22.4.1)
pgsql/src/backend/utils/misc:
guc.c (r1.252.4.2 -> r1.252.4.3)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/misc/guc.c.diff?r1=1.252.4.2&r2=1.252.4.3)
pgsql/src/include/utils:
guc_tables.h (r1.19 -> r1.19.4.1)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/include/utils/guc_tables.h.diff?r1=1.19&r2=1.19.4.1)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2006-02-12 22:33:29 | pgsql: Fix bug in SET SESSION AUTHORIZATION that allows unprivileged |
| Previous Message | Tom Lane | 2006-02-12 22:32:57 | pgsql: Fix bug that allowed any logged-in user to SET ROLE to any other |