Fix Windows shell argument quoting. The incorrect quoting may have permitted arbitrary command execution. At a minimum, it gave broader control over the command line to actors supposed to have control over a single argument. Back-patch to 9.1 (all supported versions).
Security: CVE-2016-5424 Branch ------ REL9_1_STABLE Details ------- http://git.postgresql.org/pg/commitdiff/2d69f5b12e5a99eea7bc175fa30e612384bf9e52 Modified Files -------------- src/bin/pg_dump/pg_dumpall.c | 52 +++++++++++++++++++++++++++++++++++++++----- 1 file changed, 47 insertions(+), 5 deletions(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
