Re: BUG #1198: Linux PostgreSQL Server Input Validation Vulnerability

The following bug has been logged online:

Bug reference: 1198
Logged by: iDEFENSE Vendor Disclosure

Email address: vendor-disclosure(at)idefense(dot)com

PostgreSQL version: 7.4

Operating system: Linux

Description: Linux PostgreSQL Server Input Validation Vulnerability

Details:

iDEFENSE has identified an input validation vulnerability in PostgreSQL .
This vulnerability was submitted to iDEFENSE through our Vulnerability
Contributor Program (http://www.idefense.com/poi/teams/vcp.jsp). iDEFENSE
Labs has validated this vulnerability and has drafted an advisory. I have
not included the advisory in this web form submission as it is unclear who
the target audience is. Please contact me at vendor-disclosure(at)idefense(dot)com
for a copy so that we can continue the process.

Regards,
Pedram Amini
Assistant Director, iDEFENSE Labs
pamini(at)idefense(dot)com

7/20/2004

PostgreSQL Bugs List wrote:
> iDEFENSE has identified an input validation vulnerability in
> PostgreSQL . This vulnerability was submitted to iDEFENSE through our
> Vulnerability Contributor Program
> (http://www.idefense.com/poi/teams/vcp.jsp). iDEFENSE Labs has
> validated this vulnerability and has drafted an advisory. I have not
> included the advisory in this web form submission as it is unclear
> who the target audience is. Please contact me at
> vendor-disclosure(at)idefense(dot)com for a copy so that we can continue the
> process.

If you have a bug to report, this (pgsql-bugs(at)postgresql(dot)org) is the
right place.

--
Peter Eisentraut
http://developer.postgresql.org/~petere/