upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-04-14 05:27:20 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src
History
Michael Paquier 27c464e42a Fix buffer overflow when processing SCRAM final message in libpq 
When a client connects to a rogue server sending specifically-crafted
messages, this can suffice to execute arbitrary code as the operating
system account used by the client.

While on it, fix one error handling when decoding an incorrect salt
included in the first message received from server.

Author: Michael Paquier
Reviewed-by: Jonathan Katz, Heikki Linnakangas
Security: CVE-2019-10164
Backpatch-through: 10
2019-06-17 22:14:04 +09:00
..
backend Fix buffer overflow when parsing SCRAM verifiers in backend 2019-06-17 21:48:25 +09:00
bin Prefer timezone name "UTC" over alternative spellings. 2019-06-15 18:16:43 +01:00
common Tolerate EINVAL when calling fsync() on a directory. 2019-02-24 23:51:54 +13:00
fe_utils Fix translation of special characters in psql's LaTeX output modes. 2018-11-26 17:32:51 -05:00
include Mark ReplicationSlotCtl as PGDLLIMPORT. 2019-06-13 10:53:17 -04:00
interfaces Fix buffer overflow when processing SCRAM final message in libpq 2019-06-17 22:14:04 +09:00
makefiles Define WIN32_STACK_RLIMIT throughout win32 and cygwin builds. 2019-04-09 08:25:42 -07:00
pl Fix C++ incompatibilities in plpgsql's header files. 2019-05-31 12:34:54 -04:00
port Stamp 11.3. 2019-05-06 16:46:18 -04:00
template Yet further rethinking of build changes for macOS Mojave. 2018-11-02 18:54:00 -04:00
test Fix buffer overflow when parsing SCRAM verifiers in backend 2019-06-17 21:48:25 +09:00
timezone Portability fix for zic.c. 2019-04-26 21:20:21 -04:00
tools In the pg_upgrade test suite, don't write to src/test/regress. 2019-05-28 12:59:36 -07:00
tutorial Update copyright for 2018 2018-01-02 23:30:12 -05:00
.gitignore Convert cvsignore to gitignore, and add .gitignore for build targets. 2010-09-22 12:57:04 +02:00
DEVELOPERS Replace a couple of references to files that no longer exist in the source 2009-05-04 08:08:47 +00:00
Makefile Fix partial-build problems introduced by having more generated headers. 2018-04-09 16:42:10 -04:00
Makefile.global.in Consistently test for in-use shared memory. 2019-04-12 22:36:42 -07:00
Makefile.shlib Ensure static libraries have correct mod time even if ranlib messes it up. 2018-11-29 15:53:44 -05:00
nls-global.mk nls-global.mk: search build dir for source files, too 2016-06-07 18:55:18 -04:00