Thread: BUG #1198: Linux PostgreSQL Server Input Validation Vulnerability

The following bug has been logged online:

Bug reference:      1198
Logged by:          iDEFENSE Vendor Disclosure

Email address:      vendor-disclosure@idefense.com

PostgreSQL version: 7.4

Operating system:   Linux

Description:        Linux PostgreSQL Server Input Validation Vulnerability

Details:

iDEFENSE has identified an input validation vulnerability in PostgreSQL .
This vulnerability was submitted to iDEFENSE through our Vulnerability
Contributor Program (http://www.idefense.com/poi/teams/vcp.jsp). iDEFENSE
Labs has validated this vulnerability and has drafted an advisory. I have
not included the advisory in this web form submission as it is unclear who
the target audience is. Please contact me at vendor-disclosure@idefense.com
for a copy so that we can continue the process.

Regards,
Pedram Amini
Assistant Director, iDEFENSE Labs
pamini@idefense.com

7/20/2004

PostgreSQL Bugs List wrote:
> iDEFENSE has identified an input validation vulnerability in
> PostgreSQL . This vulnerability was submitted to iDEFENSE through our
> Vulnerability Contributor Program
> (http://www.idefense.com/poi/teams/vcp.jsp). iDEFENSE Labs has
> validated this vulnerability and has drafted an advisory. I have not
> included the advisory in this web form submission as it is unclear
> who the target audience is. Please contact me at
> vendor-disclosure@idefense.com for a copy so that we can continue the
> process.

If you have a bug to report, this (pgsql-bugs@postgresql.org) is the
right place.

--
Peter Eisentraut
http://developer.postgresql.org/~petere/