mirror of
https://github.com/postgres/postgres.git
synced 2025-05-06 19:59:18 +03:00
Last-minute updates for release notes.
Security: CVE-2022-41862
This commit is contained in:
parent
07113f15cd
commit
6926350d6b
@ -35,6 +35,35 @@
|
||||
|
||||
<listitem>
|
||||
<!--
|
||||
Author: Michael Paquier <michael@paquier.xyz>
|
||||
Branch: master [71c37797d] 2023-02-06 11:20:07 +0900
|
||||
Branch: REL_15_STABLE [715c345dd] 2023-02-06 11:20:20 +0900
|
||||
Branch: REL_14_STABLE [626f2c1d6] 2023-02-06 11:20:23 +0900
|
||||
Branch: REL_13_STABLE [45a945ee9] 2023-02-06 11:20:27 +0900
|
||||
Branch: REL_12_STABLE [3f7342671] 2023-02-06 11:20:31 +0900
|
||||
-->
|
||||
<para>
|
||||
<application>libpq</application> can leak memory contents after
|
||||
GSSAPI transport encryption initiation fails (Jacob Champion)
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A modified server, or an unauthenticated man-in-the-middle, can
|
||||
send a not-zero-terminated error message during setup of GSSAPI
|
||||
(Kerberos) transport encryption. <application>libpq</application>
|
||||
will then copy that string, as well as following bytes in
|
||||
application memory up to the next zero byte, to its error report.
|
||||
Depending on what the calling application does with the error
|
||||
report, this could result in disclosure of application memory
|
||||
contents. There is also a small probability of a crash due to
|
||||
reading beyond the end of memory. Fix by properly zero-terminating
|
||||
the server message.
|
||||
(CVE-2022-41862)
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<!--
|
||||
Author: Tom Lane <tgl@sss.pgh.pa.us>
|
||||
Branch: master [3f7836ff6] 2023-01-05 14:12:17 -0500
|
||||
Branch: REL_15_STABLE [3706cc97a] 2023-01-05 14:12:17 -0500
|
||||
|
Loading…
x
Reference in New Issue
Block a user