upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-19 02:29:10 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src
History
Noah Misch 648e41a6e4 Prevent a double free by not reentering be_tls_close(). 
Reentering this function with the right timing caused a double free,
typically crashing the backend.  By synchronizing a disconnection with
the authentication timeout, an unauthenticated attacker could achieve
this somewhat consistently.  Call be_tls_close() solely from within
proc_exit_prepare().  Back-patch to 9.0 (all supported versions).

Benkocs Norbert Attila

Security: CVE-2015-3165
2015-05-18 10:02:38 -04:00
..
backend Prevent a double free by not reentering be_tls_close(). 2015-05-18 10:02:38 -04:00
bin Translation updates 2015-05-18 08:53:30 -04:00
include Backport "Add pgreadlink() on Windows to read junction points". 2015-05-05 15:54:26 -04:00
interfaces Translation updates 2015-05-18 08:53:30 -04:00
makefiles Don't use deprecated dllwrap on Cygwin. 2014-02-01 16:14:15 -05:00
pl Translation updates 2015-05-18 08:53:30 -04:00
port Backport "Add pgreadlink() on Windows to read junction points". 2015-05-05 15:54:26 -04:00
template Don't try to force use of -no-cpp-precomp on OS X. It's been five years 2010-08-02 04:51:25 +00:00
test Fix incorrect checking of deferred exclusion constraint after a HOT update. 2015-05-11 12:25:28 -04:00
timezone Update time zone data files to tzdata release 2015d. 2015-05-15 19:36:20 -04:00
tools Build every ECPG library with -DFRONTEND. 2015-04-24 19:30:08 -04:00
tutorial Remove tabs after spaces in C comments 2014-05-06 11:26:25 -04:00
.gitignore Convert cvsignore to gitignore, and add .gitignore for build targets. 2010-09-22 12:57:06 +02:00
bcc32.mak Remove old-style win32 client-only visual c++ build infrastructure for everything except 2007-03-05 14:18:38 +00:00
DEVELOPERS Replace a couple of references to files that no longer exist in the source 2009-05-04 08:08:47 +00:00
Makefile Rethink the way walreceiver is linked into the backend. Instead than shoving 2010-01-20 09:16:24 +00:00
Makefile.global.in Add mode where contrib installcheck runs each module in a separately named database. 2012-12-11 11:48:00 -05:00
Makefile.shlib Unlink static libraries before rebuilding them. 2015-03-01 13:08:48 -05:00
nls-global.mk Avoid error from mkdir if no languages are to be installed 2010-05-13 14:35:28 +00:00
win32.mak Update supported standalone VC++ version to 7.1+ only, and fix 2007-08-03 10:47:11 +00:00