forked from Lainports/freebsd-ports
70a06c4f2e
Security Fixes for Regular Expressions, PL/Java This release closes security hole CVE-2016-0773, an issue with regular expression (regex) parsing. Prior code allowed users to pass in expressions which included out-of-range Unicode characters, triggering a backend crash. This issue is critical for PostgreSQL systems with untrusted users or which generate regexes based on user input. The update also fixes CVE-2016-0766, a privilege escalation issue for users of PL/Java. Certain custom configuration settings (GUCS) for PL/Java will now be modifiable only by the database superuser URL: http://www.postgresql.org/about/news/1644/ Security: CVE-2016-0773, CVE-2016-0766 |
||
|---|---|---|
| .. | ||
| 502.pgsql.in | ||
| dot.cshrc.in | ||
| dot.profile.in | ||
| patch-doc-Makefile | ||
| patch-doc-src-sgml-Makefile | ||
| patch-src-backend-Makefile | ||
| patch-src-Makefile.shlib | ||
| patch-src:backend:utils:misc:postgresql.conf.sample | ||
| pkg-message-client.in | ||
| pkg-message-contrib.in | ||
| pkg-message-plperl.in | ||
| pkg-message-plpython.in | ||
| pkg-message-pltcl.in | ||
| pkg-message-server.in | ||
| pkgIndex.tcl.in | ||
| postgresql.in | ||