Home > mailing lists

pgsql: Introduce a psql "\connect -reuse-previous=on|off" option. - Mailing list pgsql-committers

From	Noah Misch
Subject	pgsql: Introduce a psql "\connect -reuse-previous=on\|off" option.
Date	August 11, 2016 20:08:15
Msg-id	E1bWlGS-0006nj-CK@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Introduce a psql "\connect -reuse-previous=on|off" option.

The decision to reuse values of parameters from a previous connection
has been based on whether the new target is a conninfo string.  Add this
means of overriding that default.  This feature arose as one component
of a fix for security vulnerabilities in pg_dump, pg_dumpall, and
pg_upgrade, so back-patch to 9.1 (all supported versions).  In 9.3 and
later, comment paragraphs that required update had already-incorrect
claims about behavior when no connection is open; fix those problems.

Security: CVE-2016-5424

Branch
------
REL9_4_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/afabfcc0eb16d64bedeaf8152ef748f99edba55d

Modified Files
--------------
doc/src/sgml/ref/psql-ref.sgml |  21 ++++----
src/bin/psql/command.c         | 109 ++++++++++++++++++++++++++++-------------
src/bin/psql/startup.c         |   2 +-
3 files changed, 88 insertions(+), 44 deletions(-)

pgsql-committers by date:

From: Noah Misch
Date: 11 August 2016, 20:08:13
Subject: pgsql: Promote pg_dumpall shell/connstr quoting functions to src/fe_uti

From: Noah Misch
Date: 11 August 2016, 20:08:22
Subject: pgsql: Obstruct shell, SQL, and conninfo injection via database and rol

pgsql: Introduce a psql "\connect -reuse-previous=on|off" option. - Mailing list pgsql-committers

Previous

Next