20b4cba0fb
CVE-2013-1900 and CVE-2013-1901. ok jasper@ "A major security issue fixed in this release, CVE-2013-1899, makes it possible for a connection request containing a database name that begins with "-" to be crafted that can damage or destroy files within a server's data directory. Anyone with access to the port the PostgreSQL server listens on can initiate this request. This issue was discovered by Mitsumasa Kondo and Kyotaro Horiguchi of NTT Open Source Software Center." http://www.postgresql.org/about/news/1456/ |
||
|---|---|---|
| .. | ||
| patches | ||
| pkg | ||
| distinfo | ||
| Makefile | ||