Add entries for security issues.
Security: CVE-2015-3165 through CVE-2015-3167
+
+ Avoid possible crash when client disconnects just before the
+ authentication timeout expires (Benkocs Norbert Attila)
+
+
+ If the timeout interrupt fired partway through the session shutdown
+ sequence, SSL-related state would be freed twice, typically causing a
+ crash and hence denial of service to other sessions. Experimentation
+ shows that an unauthenticated remote attacker could trigger the bug
+ somewhat consistently, hence treat as security issue.
+ (CVE-2015-3165)
+
+
+
+
+ Consistently check for failure of the *printf() family of
+ functions (Noah Misch)
+
+
+ Most calls of these functions did not consider the possibility that
+ the functions could fail with, eg, out-of-memory conditions. The usual
+ result would just be missing output, but crashes or exposure of
+ unintended information are also possible. To protect against such
+ risks uniformly, create wrappers around these functions that throw an
+ error on failure. Also add missing error checks to a few
+ security-relevant calls of other system functions.
+ (CVE-2015-3166)
+
+
+
+
+ In contrib/pgcrypto, uniformly report decryption failures
+ as Wrong key or corrupt data (Noah Misch)
+
+
+ Previously, some cases of decryption with an incorrect key could report
+ other error message texts. It has been shown that such variance in
+ error reports can aid attackers in recovering keys from other systems.
+ While it's unknown whether pgcrypto's specific behaviors
+ are likewise exploitable, it seems better to avoid the risk by using a
+ one-size-fits-all message.
+ (CVE-2015-3167)
+
+
+
Fix incorrect checking of deferred exclusion constraints after a HOT
+
+ Avoid possible crash when client disconnects just before the
+ authentication timeout expires (Benkocs Norbert Attila)
+
+
+ If the timeout interrupt fired partway through the session shutdown
+ sequence, SSL-related state would be freed twice, typically causing a
+ crash and hence denial of service to other sessions. Experimentation
+ shows that an unauthenticated remote attacker could trigger the bug
+ somewhat consistently, hence treat as security issue.
+ (CVE-2015-3165)
+
+
+
+
+ Consistently check for failure of the *printf() family of
+ functions (Noah Misch)
+
+
+ Most calls of these functions did not consider the possibility that
+ the functions could fail with, eg, out-of-memory conditions. The usual
+ result would just be missing output, but crashes or exposure of
+ unintended information are also possible. To protect against such
+ risks uniformly, create wrappers around these functions that throw an
+ error on failure. Also add missing error checks to a few
+ security-relevant calls of other system functions.
+ (CVE-2015-3166)
+
+
+
+
+ In contrib/pgcrypto, uniformly report decryption failures
+ as Wrong key or corrupt data (Noah Misch)
+
+
+ Previously, some cases of decryption with an incorrect key could report
+ other error message texts. It has been shown that such variance in
+ error reports can aid attackers in recovering keys from other systems.
+ While it's unknown whether pgcrypto's specific behaviors
+ are likewise exploitable, it seems better to avoid the risk by using a
+ one-size-fits-all message.
+ (CVE-2015-3167)
+
+
+
Fix incorrect declaration of contrib/citext's
+
+ Avoid possible crash when client disconnects just before the
+ authentication timeout expires (Benkocs Norbert Attila)
+
+
+ If the timeout interrupt fired partway through the session shutdown
+ sequence, SSL-related state would be freed twice, typically causing a
+ crash and hence denial of service to other sessions. Experimentation
+ shows that an unauthenticated remote attacker could trigger the bug
+ somewhat consistently, hence treat as security issue.
+ (CVE-2015-3165)
+
+
+
+
+ Consistently check for failure of the *printf() family of
+ functions (Noah Misch)
+
+
+ Most calls of these functions did not consider the possibility that
+ the functions could fail with, eg, out-of-memory conditions. The usual
+ result would just be missing output, but crashes or exposure of
+ unintended information are also possible. To protect against such
+ risks uniformly, create wrappers around these functions that throw an
+ error on failure. Also add missing error checks to a few
+ security-relevant calls of other system functions.
+ (CVE-2015-3166)
+
+
+
+
+ In contrib/pgcrypto, uniformly report decryption failures
+ as Wrong key or corrupt data (Noah Misch)
+
+
+ Previously, some cases of decryption with an incorrect key could report
+ other error message texts. It has been shown that such variance in
+ error reports can aid attackers in recovering keys from other systems.
+ While it's unknown whether pgcrypto's specific behaviors
+ are likewise exploitable, it seems better to avoid the risk by using a
+ one-size-fits-all message.
+ (CVE-2015-3167)
+
+
+
Fix incorrect declaration of contrib/citext's
+
+ Avoid possible crash when client disconnects just before the
+ authentication timeout expires (Benkocs Norbert Attila)
+
+
+ If the timeout interrupt fired partway through the session shutdown
+ sequence, SSL-related state would be freed twice, typically causing a
+ crash and hence denial of service to other sessions. Experimentation
+ shows that an unauthenticated remote attacker could trigger the bug
+ somewhat consistently, hence treat as security issue.
+ (CVE-2015-3165)
+
+
+
+
+ Consistently check for failure of the *printf() family of
+ functions (Noah Misch)
+
+
+ Most calls of these functions did not consider the possibility that
+ the functions could fail with, eg, out-of-memory conditions. The usual
+ result would just be missing output, but crashes or exposure of
+ unintended information are also possible. To protect against such
+ risks uniformly, create wrappers around these functions that throw an
+ error on failure. Also add missing error checks to a few
+ security-relevant calls of other system functions.
+ (CVE-2015-3166)
+
+
+
+
+ In contrib/pgcrypto, uniformly report decryption failures
+ as Wrong key or corrupt data (Noah Misch)
+
+
+ Previously, some cases of decryption with an incorrect key could report
+ other error message texts. It has been shown that such variance in
+ error reports can aid attackers in recovering keys from other systems.
+ While it's unknown whether pgcrypto's specific behaviors
+ are likewise exploitable, it seems better to avoid the risk by using a
+ one-size-fits-all message.
+ (CVE-2015-3167)
+
+
+
Protect against wraparound of multixact member IDs
projects / postgresql.git / commitdiff