Fix Windows shell argument quoting. The incorrect quoting may have permitted arbitrary command execution. At a minimum, it gave broader control over the command line to actors supposed to have control over a single argument. Back-patch to 9.1 (all supported versions).
Security: CVE-2016-5424 Branch ------ REL9_5_STABLE Details ------- http://git.postgresql.org/pg/commitdiff/2e5e90d8d10ca568381adfaaf53e8a9e8e342375 Modified Files -------------- src/bin/pg_dump/pg_dumpall.c | 52 +++++++++++++++++++++++++++++++++++++++----- 1 file changed, 47 insertions(+), 5 deletions(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
