+
+ Require execute permission on the trigger function for
+ CREATE TRIGGER> (Robert Haas)
+
+
+ This missing check could allow another user to execute a trigger
+ function with forged input data, by installing it on a table he owns.
+ This is only of significance for trigger functions marked
+ SECURITY DEFINER>, since otherwise trigger functions run
+ as the table owner anyway. (CVE-2012-0866)
+
+
+
+
+ Convert newlines to spaces in names written in
pg_dump>
+ comments (Robert Haas)
+
+
+
pg_dump> was incautious about sanitizing object names
+ that are emitted within SQL comments in its output script. A name
+ containing a newline would at least render the script syntactically
+ incorrect. Maliciously crafted object names could present a SQL
+ injection risk when the script is reloaded. (CVE-2012-0868)
+
+
+
Fix btree index corruption from insertions concurrent with vacuuming
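Review bot: this hunk goes straight from the CVE-2012-0866 trigger entry to the CVE-2012-0868 pg_dump entry, while the later hunks in this patch carry the CVE-2012-0867 common-name entry between the two. If the file patched here describes a release in which libpq and the server also truncated the common name at 32 bytes, that entry is missing; if the release is not affected, say so in the commit message so the omission reads as deliberate.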
+
+ Require execute permission on the trigger function for
+ CREATE TRIGGER> (Robert Haas)
+
+
+ This missing check could allow another user to execute a trigger
+ function with forged input data, by installing it on a table he owns.
+ This is only of significance for trigger functions marked
+ SECURITY DEFINER>, since otherwise trigger functions run
+ as the table owner anyway. (CVE-2012-0866)
+
+
+
+
+ Remove arbitrary limitation on length of common name in SSL
+ certificates (Heikki Linnakangas)
+
+
+ Both
libpq> and the server truncated the common name
+ extracted from an SSL certificate at 32 bytes. Normally this would
+ cause nothing worse than an unexpected verification failure, but there
+ are some rather-implausible scenarios in which it might allow one
+ certificate holder to impersonate another. The victim would have to
+ have a common name exactly 32 bytes long, and the attacker would have
+ to persuade a trusted CA to issue a certificate in which the common
+ name has that string as a prefix. Impersonating a server would also
+ require some additional exploit to redirect client connections.
+ (CVE-2012-0867)
+
+
+
+
+ Convert newlines to spaces in names written in
pg_dump>
+ comments (Robert Haas)
+
+
+
pg_dump> was incautious about sanitizing object names
+ that are emitted within SQL comments in its output script. A name
+ containing a newline would at least render the script syntactically
+ incorrect. Maliciously crafted object names could present a SQL
+ injection risk when the script is reloaded. (CVE-2012-0868)
+
+
+
Fix btree index corruption from insertions concurrent with vacuuming
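Review bot: the CVE-2012-0866 entry at the top of this hunk describes a check made for CREATE TRIGGER but does not say what happens to triggers that were installed before the check existed. Add a sentence telling administrators whether triggers already attached to SECURITY DEFINER functions are re-validated on upgrade or need to be reviewed by hand, since the entry as written only covers triggers created from now on.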
+
+ Require execute permission on the trigger function for
+ CREATE TRIGGER> (Robert Haas)
+
+
+ This missing check could allow another user to execute a trigger
+ function with forged input data, by installing it on a table he owns.
+ This is only of significance for trigger functions marked
+ SECURITY DEFINER>, since otherwise trigger functions run
+ as the table owner anyway. (CVE-2012-0866)
+
+
+
+
+ Remove arbitrary limitation on length of common name in SSL
+ certificates (Heikki Linnakangas)
+
+
+ Both
libpq> and the server truncated the common name
+ extracted from an SSL certificate at 32 bytes. Normally this would
+ cause nothing worse than an unexpected verification failure, but there
+ are some rather-implausible scenarios in which it might allow one
+ certificate holder to impersonate another. The victim would have to
+ have a common name exactly 32 bytes long, and the attacker would have
+ to persuade a trusted CA to issue a certificate in which the common
+ name has that string as a prefix. Impersonating a server would also
+ require some additional exploit to redirect client connections.
+ (CVE-2012-0867)
+
+
+
+
+ Convert newlines to spaces in names written in
pg_dump>
+ comments (Robert Haas)
+
+
+
pg_dump> was incautious about sanitizing object names
+ that are emitted within SQL comments in its output script. A name
+ containing a newline would at least render the script syntactically
+ incorrect. Maliciously crafted object names could present a SQL
+ injection risk when the script is reloaded. (CVE-2012-0868)
+
+
+
Fix btree index corruption from insertions concurrent with vacuuming
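Review bot: in the CVE-2012-0867 entry, "some rather-implausible scenarios" plays the issue down without telling the reader which side is exposed. The entry says both libpq and the server truncated the name, so it would be clearer to describe the two cases separately (a certificate checked by the server, a certificate checked by libpq) while keeping the stated preconditions: a victim common name exactly 32 bytes long and a trusted CA issuing a certificate with that string as a prefix. The hyphen in "rather-implausible" can also go.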
+
+ Require execute permission on the trigger function for
+ CREATE TRIGGER> (Robert Haas)
+
+
+ This missing check could allow another user to execute a trigger
+ function with forged input data, by installing it on a table he owns.
+ This is only of significance for trigger functions marked
+ SECURITY DEFINER>, since otherwise trigger functions run
+ as the table owner anyway. (CVE-2012-0866)
+
+
+
+
+ Remove arbitrary limitation on length of common name in SSL
+ certificates (Heikki Linnakangas)
+
+
+ Both
libpq> and the server truncated the common name
+ extracted from an SSL certificate at 32 bytes. Normally this would
+ cause nothing worse than an unexpected verification failure, but there
+ are some rather-implausible scenarios in which it might allow one
+ certificate holder to impersonate another. The victim would have to
+ have a common name exactly 32 bytes long, and the attacker would have
+ to persuade a trusted CA to issue a certificate in which the common
+ name has that string as a prefix. Impersonating a server would also
+ require some additional exploit to redirect client connections.
+ (CVE-2012-0867)
+
+
+
+
+ Convert newlines to spaces in names written in
pg_dump>
+ comments (Robert Haas)
+
+
+
pg_dump> was incautious about sanitizing object names
+ that are emitted within SQL comments in its output script. A name
+ containing a newline would at least render the script syntactically
+ incorrect. Maliciously crafted object names could present a SQL
+ injection risk when the script is reloaded. (CVE-2012-0868)
+
+
+
Fix btree index corruption from insertions concurrent with vacuuming
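Review bot: the CVE-2012-0868 entry in this hunk covers scripts written by the fixed pg_dump but is silent on dump scripts that already exist. The risk it describes arises "when the script is reloaded", so a script produced before this change still contains whatever names were written into its comments; add a sentence advising that older dumps of databases with untrusted object names be regenerated or inspected before they are reloaded.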
+
+ Allow MinGW builds to use standardly-named OpenSSL libraries
+ (Tomasz Ostrowski)
+
+
+
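Review bot: "standardly-named OpenSSL libraries" in the MinGW entry does not tell a builder which library file names are now accepted. Name them in the entry, or point to the build documentation that lists them, so someone hitting a link failure can tell whether this change applies to their setup.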