Quick Links

pgsql: Fix bug in SET SESSION AUTHORIZATION that allows unprivileged

From:	tgl(at)postgresql(dot)org (Tom Lane)
To:	pgsql-committers(at)postgresql(dot)org
Subject:	pgsql: Fix bug in SET SESSION AUTHORIZATION that allows unprivileged
Date:	2006-02-12 22:33:47
Message-ID:	20060212223347.CCCAE9DCB5D@postgresql.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-committers

Log Message:
-----------
Fix bug in SET SESSION AUTHORIZATION that allows unprivileged users to crash
the server, if it has been compiled with Asserts enabled (CVE-2006-0553).
Thanks to Akio Ishida for reporting this problem.

Tags:
----
REL7_3_STABLE

Modified Files:
--------------
pgsql/src/backend/commands:
variable.c (r1.71.2.3 -> r1.71.2.4)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/commands/variable.c.diff?r1=1.71.2.3&r2=1.71.2.4)
pgsql/src/backend/utils/mb:
encnames.c (r1.10.2.1 -> r1.10.2.2)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/encnames.c.diff?r1=1.10.2.1&r2=1.10.2.2)
pgsql/src/backend/utils/misc:
guc.c (r1.99.2.5 -> r1.99.2.6)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/misc/guc.c.diff?r1=1.99.2.5&r2=1.99.2.6)

Browse pgsql-committers by date

	From	Date	Subject
Next Message	Tom Lane	2006-02-12 22:35:27	pgsql: Update release notes.
Previous Message	Tom Lane	2006-02-12 22:33:29	pgsql: Fix bug in SET SESSION AUTHORIZATION that allows unprivileged