Bug 109067 - to_timestamp not stable if date string shorter than template
Summary: to_timestamp not stable if date string shorter than template
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: rh-postgresql (Show other bugs)
(Show other bugs)
Version: 3.0
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: David Jee
QA Contact:
URL: http://archives.postgresql.org/pgsql-...
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-11-04 19:42 UTC by David Jee
Modified: 2007-11-30 22:06 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-11-12 14:11:21 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2003:352 normal SHIPPED_LIVE Updated PostgreSQL packages fix input overrun bug 2003-11-14 05:00:00 UTC
Red Hat Product Errata RHSA-2003:314 normal SHIPPED_LIVE Moderate: postgresql security update 2003-11-12 05:00:00 UTC

Description David Jee 2003-11-04 19:42:47 UTC
In postgresql versions 7.2.x and 7.3.x (including 7.3.4), when the
input string to to_timestamp() is shorter than what the format string
expects, it may run off the end of the input string, resulting in a leak.

Please see the URL link to the postgresql mailing list archives for
more details.


Affects:
RHEL3 2.1AS 2.1AW 2.1ES 2.1WS

Errata in progress.

Comment 1 David Jee 2003-11-04 19:58:14 UTC
Please see bug 109068 for the same bug for Red Hat Linux.

Comment 2 Mark J. Cox 2003-11-12 14:11:21 UTC
An errata has been issued which should help the problem described in this bug report. 
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen 
this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2003-314.html



Note You need to log in before you can comment on or make changes to this bug.