Hello,
The purpose of this email is twofold: 1) to inform you of a reported
vulnerability by a third party, not myself, involving one of your products,
and 2) to obtain confirmation/clarification and knowledge of any measures
taken to address this in the event it is viable. The report indicates
Servio Medina <[EMAIL PROTECTED]> writes:
> The passwords being cleartext, and readable by user postgres (and root,
> ofcourse), allows bypassing the password mechanism, and gives access to all
> databases. (compromising user 'postgres' or reading the pg_shadow file gives
> access to the usernames
> Michael Shepelev <[EMAIL PROTECTED]> writes:
>> I found bug (IMHO) in Insert/Select Union command.
>> Result of SELECT UNION differs from INSERT SELECT UNION.
> Wow, that's bizarre. I confirm seeing the inconsistent behavior.
On further investigation, it seems this is just another facet of th
