Your patch has been added to the PostgreSQL unapplied patches list at:
http://candle.pha.pa.us/cgi-bin/pgpatches
I will try to apply it within the next 48 hours.
---------------------------------------------------------------------------
Neil Conway wrote:
> Sir Mordred The Traitor <[EMAIL PROTECTED]> writes:
> > There exists a buffer overflow in a SET TIME ZONE command, that
> > allows an attacker to execute malicious code.
>
> Here's a patch for the problem. I also fixed some other potential
> buffer overruns nearby, and added a little paranoia to another routine
> that uses a statically sized buffer.
>
> Thanks for the report.
>
> Cheers,
>
> Neil
>
> --
> Neil Conway <[EMAIL PROTECTED]> || PGP Key ID: DB3C29FC
[ Attachment, skipping... ]
>
> ---------------------------(end of broadcast)---------------------------
> TIP 6: Have you searched our list archives?
>
> http://archives.postgresql.org
--
Bruce Momjian | http://candle.pha.pa.us
[EMAIL PROTECTED] | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])
