mirror of
https://github.com/postgres/postgres.git
synced 2025-07-27 12:41:57 +03:00
config
contrib
adminpack
auth_delay
auto_explain
btree_gin
btree_gist
chkpass
citext
cube
dblink
dict_int
dict_xsyn
dummy_seclabel
earthdistance
file_fdw
fuzzystrmatch
hstore
intagg
intarray
isn
lo
ltree
oid2name
pageinspect
passwordcheck
pg_archivecleanup
pg_buffercache
pg_freespacemap
pg_standby
pg_stat_statements
pg_test_fsync
pg_test_timing
pg_trgm
pg_upgrade
pg_upgrade_support
pg_xlogdump
pgbench
pgcrypto
pgrowlocks
pgstattuple
postgres_fdw
seg
sepgsql
spi
sslinfo
start-scripts
tablefunc
tcn
test_parser
tsearch2
unaccent
uuid-ossp
vacuumlo
worker_spi
xml2
expected
sql
xml2.sql
.gitignore
Makefile
xml2--1.0.sql
xml2--unpackaged--1.0.sql
xml2.control
xpath.c
xslt_proc.c
Makefile
README
contrib-global.mk
doc
src
.gitignore
COPYRIGHT
GNUmakefile.in
Makefile
README
README.git
aclocal.m4
configure
configure.in
adc97d03b9
libxslt offers the ability to read and write both files and URLs through stylesheet commands, thus allowing unprivileged database users to both read and write data with the privileges of the database server. Disable that through proper use of libxslt's security options. Also, remove xslt_process()'s ability to fetch documents and stylesheets from external files/URLs. While this was a documented "feature", it was long regarded as a terrible idea. The fix for CVE-2012-3489 broke that capability, and rather than expend effort on trying to fix it, we're just going to summarily remove it. While the ability to write as well as read makes this security hole considerably worse than CVE-2012-3489, the problem is mitigated by the fact that xslt_process() is not available unless contrib/xml2 is installed, and the longstanding warnings about security risks from that should have discouraged prudent DBAs from installing it in security-exposed databases. Reported and fixed by Peter Eisentraut. Security: CVE-2012-3488