mirror of
https://github.com/postgres/postgres.git
synced 2025-07-09 22:41:56 +03:00
config
contrib
adminpack
amcheck
auth_delay
auto_explain
bloom
btree_gin
btree_gist
citext
cube
dblink
dict_int
dict_xsyn
earthdistance
file_fdw
fuzzystrmatch
hstore
hstore_plperl
hstore_plpython
intagg
intarray
isn
lo
ltree
ltree_plpython
oid2name
pageinspect
passwordcheck
pg_buffercache
pg_freespacemap
pg_prewarm
pg_standby
pg_stat_statements
pg_trgm
pg_visibility
pgcrypto
pgrowlocks
pgstattuple
postgres_fdw
seg
sepgsql
spi
sslinfo
start-scripts
tablefunc
tcn
test_decoding
tsm_system_rows
tsm_system_time
unaccent
uuid-ossp
vacuumlo
xml2
expected
sql
xml2.sql
.gitignore
Makefile
xml2--1.0--1.1.sql
xml2--1.1.sql
xml2--unpackaged--1.0.sql
xml2.control
xpath.c
xslt_proc.c
Makefile
README
contrib-global.mk
doc
src
.dir-locals.el
.gitattributes
.gitignore
COPYRIGHT
GNUmakefile.in
HISTORY
Makefile
README
README.git
aclocal.m4
configure
configure.in
adc97d03b9
libxslt offers the ability to read and write both files and URLs through stylesheet commands, thus allowing unprivileged database users to both read and write data with the privileges of the database server. Disable that through proper use of libxslt's security options. Also, remove xslt_process()'s ability to fetch documents and stylesheets from external files/URLs. While this was a documented "feature", it was long regarded as a terrible idea. The fix for CVE-2012-3489 broke that capability, and rather than expend effort on trying to fix it, we're just going to summarily remove it. While the ability to write as well as read makes this security hole considerably worse than CVE-2012-3489, the problem is mitigated by the fact that xslt_process() is not available unless contrib/xml2 is installed, and the longstanding warnings about security risks from that should have discouraged prudent DBAs from installing it in security-exposed databases. Reported and fixed by Peter Eisentraut. Security: CVE-2012-3488