Fix buffer overrun after incomplete read in pullf_read_max(). Most callers pass a stack buffer. The ensuing stack smash can crash the server, and we have not ruled out the viability of attacks that lead to privilege escalation. Back-patch to 9.0 (all supported versions).
Marko Tiikkaja Security: CVE-2015-0243 Branch ------ REL9_3_STABLE Details ------- http://git.postgresql.org/pg/commitdiff/6994f07907b90ff03f661ca00e0341a9078fa843 Modified Files -------------- contrib/pgcrypto/expected/pgp-info.out | 3 ++- contrib/pgcrypto/expected/pgp-pubkey-decrypt.out | 25 +++++++++++++++++++++ contrib/pgcrypto/mbuf.c | 1 + contrib/pgcrypto/sql/pgp-pubkey-decrypt.sql | 26 ++++++++++++++++++++++ 4 files changed, 54 insertions(+), 1 deletion(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
