"Ken Ashcraft" <[EMAIL PROTECTED]> writes:
>> ... thus opening up the problem to anyone who can get past the
>> initial postmaster authentication check. So this is more severe than we
>> first thought.
> Great. Thanks for the feedback. If it is serious, is an advisory in order?
No, we'll just
> Ken Ashcraft <[EMAIL PROTECTED]> writes:
>> I work at Coverity where we use static analysis to find bugs in
>> software. I ran a security checker over postgresql-7.4.1 and I think I
>> found a security hole.
>>
>> In the code below, fld_size gets copied in from a user specified file.
>> It is pa
On Thu, May 13, 2004 at 00:54:19 +0300,
Shachar Shemesh <[EMAIL PROTECTED]> wrote:
> >
> I'm sorry. Maybe it's spending too many years in the security industry
> (I've been Check Point's "oh my god we have a security problem" process
> manager for over two years). Maybe it's knowing how to actu
Tom Lane wrote:
Shachar Shemesh <[EMAIL PROTECTED]> writes:
Also, has anybody checked what other versions are affected?
Nothing before 7.4, at least by the known implications of this issue.
Again, if we wait a while and let Ken keep running his analysis tool,
he might turn up other stuff w
On Wed, May 12, 2004 at 23:36:49 +0300,
Shachar Shemesh <[EMAIL PROTECTED]> wrote:
>
> My take on this is different. To me, a DoS is a nuisance, but an
> arbitrary code execution vulnerability means information leak, and a
> major escalation (from which further escalation may be possible).
A
Shachar Shemesh <[EMAIL PROTECTED]> writes:
> Ok. How about an official patch against 7.4.2 that fixes it, so that
> packagers can make their own informed decision.
The "official patch" is available to anyone who wants it from our CVS
server.
http://developer.postgresql.org/cvsweb.cgi/pgsql-serve
Bruno Wolff III wrote:
On Wed, May 12, 2004 at 10:46:00 +0300,
Shachar Shemesh <[EMAIL PROTECTED]> wrote:
Industry practices dictate that we do issue SOMETHING now. The bug is
now public, and can be exploited.
The description of the problem indicates that it can only be exploited
after y
Greg Stark <[EMAIL PROTECTED]> writes:
> Shachar Shemesh <[EMAIL PROTECTED]> writes:
>> Also, if we want greater flexibility in handling these cases in the future, we
>> should set up an invite-only list for reporting security bugs,
> A lot of people would be unhappy with that approach. A) they do
On Wed, May 12, 2004 at 10:46:00 +0300,
Shachar Shemesh <[EMAIL PROTECTED]> wrote:
> Industry practices dictate that we do issue SOMETHING now. The bug is
> now public, and can be exploited.
The description of the problem indicates that it can only be exploited
after you have authenticated to t
Shachar Shemesh <[EMAIL PROTECTED]> writes:
> Also, if we want greater flexibility in handling these cases in the future, we
> should set up an invite-only list for reporting security bugs, and advertise it
> on the web site as the place to report security issues. Had this vulnerability
> been re
Tom Lane wrote:
Bruce Momjian <[EMAIL PROTECTED]> writes:
Should we be thinking about a 7.4.3?
I'm not panicking over this particular bug ... but it does seem like
we've accumulated enough fixes since 7.4.2 that it may be time to start
thinking about another dot-release. Maybe set a date
Bruce Momjian <[EMAIL PROTECTED]> writes:
> Should we be thinking about a 7.4.3?
I'm not panicking over this particular bug ... but it does seem like
we've accumulated enough fixes since 7.4.2 that it may be time to start
thinking about another dot-release. Maybe set a date towards the end of
the
Tom Lane wrote:
> Ken Ashcraft <[EMAIL PROTECTED]> writes:
> > I work at Coverity where we use static analysis to find bugs in
> > software. I ran a security checker over postgresql-7.4.1 and I think I
> > found a security hole.
> >
> > In the code below, fld_size gets copied in from a user specif
Ken Ashcraft <[EMAIL PROTECTED]> writes:
> I work at Coverity where we use static analysis to find bugs in
> software. I ran a security checker over postgresql-7.4.1 and I think I
> found a security hole.
>
> In the code below, fld_size gets copied in from a user specified file.
> It is passed as
I work at Coverity where we use static analysis to find bugs in
software. I ran a security checker over postgresql-7.4.1 and I think I
found a security hole. I'm not familiar with the postgres source, so
this report may be false. My interpretation of the code follows.
I'd appreciate your feedba