Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may al=
low
attackers to execute arbitrary code via (1) a large number of variables in a
SQL statement being handled by the read_sql_construct function, (2) a large
number of INTO variables in a SELECT statement being handled by the
make_select_stmt function, (4) a large number of arbitrary variables in a
SELECT statement being handled by the make_select_stmt function, and (4) a
large number of INTO variables in a FETCH statement being handled by the
make_fetch_stmt function, a different set of vulnerabilities than
CAN-2005-0245.
Message-ID: <email address hidden>
Date: Wed, 9 Feb 2005 11:30:54 -0500
From: Joey Hess <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: multiple buffer overflows in gram.y (CAN-2005-0247)
--8t9RHnE3ZwKMSgU+ Disposition: inline Transfer- Encoding: quoted-printable
Content-Type: text/plain; charset=us-ascii
Content-
Content-
Package: postgresql
Version: 7.4.7-1
Severity: grave
Tags: security patch
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may al=
low
attackers to execute arbitrary code via (1) a large number of variables in a
SQL statement being handled by the read_sql_construct function, (2) a large
number of INTO variables in a SELECT statement being handled by the
make_select_stmt function, (4) a large number of arbitrary variables in a
SELECT statement being handled by the make_select_stmt function, and (4) a
large number of INTO variables in a FETCH statement being handled by the
make_fetch_stmt function, a different set of vulnerabilities than
CAN-2005-0245.
This is fixed in cvs for version 7.4 here: developer. postgresql. org/cvsweb. cgi/pgsql/ src/pl/ plpgsql/ src/gram. y.= 3D1.48. 2.1;r2= 3D1.48. 2.2
http://
diff?r1=
--=20
see shy jo
--8t9RHnE3ZwKMSgU+ pgp-signature; name="signature .asc" Description: Digital signature Disposition: inline
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
d8HHehbQuO8RAvt nAKCwNUGr5/ jOAqDwg5azkjoQg r5/JgCdEfpl c02Pt80g=
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCCjq+
cqj1fn3zhindk84
=rbMu
-----END PGP SIGNATURE-----
--8t9RHnE3ZwKMS gU+--