Home > mailing lists

Re: BUG #14998: XXS vulnerabilities in PostgreSQL 'utf8 4-bytetruncation' - Mailing list pgsql-bugs

From	Andres Freund
Subject	Re: BUG #14998: XXS vulnerabilities in PostgreSQL 'utf8 4-bytetruncation'
Date	January 4, 2018 10:22:51
Msg-id	20180104042251.d2yqmgbnlkf67nny@alap3.anarazel.de Whole thread Raw
In response to	BUG #14998: XXS vulnerabilities in PostgreSQL 'utf8 4-byte truncation' (PG Bug reporting form <noreply@postgresql.org>)
List	pgsql-bugs

Tree view

On 2018-01-04 04:19:19 +0000, PG Bug reporting form wrote:
> The following bug has been logged on the website:
> 
> Bug reference:      14998
> Logged by:          Thu Luu
> Email address:      ltthu2810@gmail.com
> PostgreSQL version: 9.6.2
> Operating system:   CentOs 6.x
> Description:        
> 
> My application uses the Postgresql 9.6.2. But, when I use the tool to scan
> the vulnerabilities. There are some errors related to DB: 'MYSQL utf8 4-byte
> truncation'.
> Refer:
> https://www.acunetix.com/vulnerabilities/web/mysql-utf8-4-byte-truncation

Postgres is not mysql, and to my knowledge does not suffer from an
equivalent vulnerability. So this more looks like a weakness in your
scanning tool.

Greetings,

Andres Freund

pgsql-bugs by date:

From: PG Bug reporting form
Date: 04 January 2018, 10:19:19
Subject: BUG #14998: XXS vulnerabilities in PostgreSQL 'utf8 4-byte truncation'

From: Thu Luu
Date: 04 January 2018, 14:11:19
Subject: Fwd: BUG #14998: XXS vulnerabilities in PostgreSQL 'utf8 4-byte truncation'

Re: BUG #14998: XXS vulnerabilities in PostgreSQL 'utf8 4-bytetruncation' - Mailing list pgsql-bugs

Previous

Next