postgresql13/postgresql-13.20.tar.bz2.sha256 at 492777a08d0fbd243c302574306ad9777f2206c49111394022061dfbd34fc07a - postgresql13 - openSUSE Gitea

rpm/postgresql13

SHA256

forked from pool/postgresql13

Files

Reinhard Max 377d923e40 - Upgrade to 13.20:

* Improve behavior of libpq's quoting functions:
    The changes made for CVE-2025-1094 had one serious oversight:
    PQescapeLiteral() and PQescapeIdentifier() failed to honor
    their string length parameter, instead always reading to the
    input string's trailing null. This resulted in including
    unwanted text in the output, if the caller intended to
    truncate the string via the length parameter. With very bad
    luck it could cause a crash due to reading off the end of
    memory.
    In addition, modify all these quoting functions so that when
    invalid encoding is detected, an invalid sequence is
    substituted for just the first byte of the presumed
    character, not all of it. This reduces the risk of problems
    if a calling application performs additional processing on
    the quoted string.
  * Fix small memory leak in pg_createsubscriber.
  * https://www.postgresql.org/docs/release/13.20/
  * https://www.postgresql.org/about/news/p-3018/

OBS-URL: https://build.opensuse.org/package/show/server:database:postgresql/postgresql13?expand=0&rev=102

2025-02-20 16:34:04 +00:00

2 lines

91 B

Plaintext

Raw Blame History

8134b685724d15e60d93bea206fbe0f14c8295e84f1cc91d5a3928163e4fb288 postgresql-13.20.tar.bz2