rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/src/bin
History
Tom Lane 89e0bac86d Convert newlines to spaces in names written in pg_dump comments. 
pg_dump was incautious about sanitizing object names that are emitted
within SQL comments in its output script.  A name containing a newline
would at least render the script syntactically incorrect.  Maliciously
crafted object names could present a SQL injection risk when the script
is reloaded.

Reported by Heikki Linnakangas, patch by Robert Haas

Security: CVE-2012-0868
 		2012-02-23 15:53:09 -05:00
..
initdb initdb: Add options --auth-local and --auth-host 2012-02-01 21:18:55 +02:00
pg_basebackup Have pg_receivexlog always send an invalid log position in status messages 2012-02-09 14:12:49 +01:00
pg_config Update copyright notices for year 2012. 2012-01-01 18:01:58 -05:00
pg_controldata Allow pg_basebackup from standby node with safety checking. 2012-01-25 18:02:04 +00:00
pg_ctl Update copyright notices for year 2012. 2012-01-01 18:01:58 -05:00
pg_dump Convert newlines to spaces in names written in pg_dump comments. 2012-02-23 15:53:09 -05:00
pg_resetxlog Allow pg_basebackup from standby node with safety checking. 2012-01-25 18:02:04 +00:00
pgevent Revert binary change in copyright year adjustment. 2012-01-01 19:42:07 -05:00
psql psql: Support zero byte field and record separators 2012-02-09 20:20:15 +02:00
scripts createuser: Disable prompting by default 2012-02-07 14:55:34 +02:00
Makefile Update copyright notices for year 2012. 2012-01-01 18:01:58 -05:00