| From: | Noah Misch <noah(at)leadboat(dot)com> |
|---|---|
| To: | shihao zhong <zhong950419(at)gmail(dot)com> |
| Cc: | cary huang <hcary328(at)gmail(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Encoding protection for pgcrypto |
| Date: | 2026-02-12 16:47:12 |
| Message-ID: | 20260212164712.67@rfd.leadboat.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Feb 12, 2024 at 11:21:41PM -0500, shihao zhong wrote:
> The goal for this patch is to fix the
> encoding for the TEXT return value because by default the PostgreSQL
> TEXT type should have the same encoding as the database encoding.
Pushed as commits d536aee and c5dc754. A report about a security exploit of
invalid values of type "text", CVE-2026-2006, brought me to this after the
long delay. After the main fix for CVE-2026-2006, invalid text in a database
is no longer a vulnerability. Even so, we took the opportunity to adopt
$SUBJECT, too.
Thanks,
nm
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2026-02-12 16:47:37 | Re: Add 64-bit XIDs into PostgreSQL 15 |
| Previous Message | Álvaro Herrera | 2026-02-12 16:43:47 | Re: pgsql: Introduce pg_shmem_allocations_numa view |