Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgadmin-hackers-owner+archive@lists.postgresql.org>)
	id 1qi9fH-005KTL-V0
	for pgadmin-hackers@arkaria.postgresql.org; Mon, 18 Sep 2023 08:31:31 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgadmin-hackers-owner+archive@lists.postgresql.org>)
	id 1qi9fG-00G9Zs-I9
	for pgadmin-hackers@arkaria.postgresql.org; Mon, 18 Sep 2023 08:31:30 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <noreply@github.com>)
	id 1qi9fG-00G9Ze-7p
	for pgadmin-hackers@lists.postgresql.org; Mon, 18 Sep 2023 08:31:30 +0000
Received: from out-27.smtp.github.com ([192.30.252.210])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <noreply@github.com>)
	id 1qi9fB-005rSV-9V
	for pgadmin-hackers@lists.postgresql.org; Mon, 18 Sep 2023 08:31:29 +0000
Received: from github.com (hubbernetes-node-4c6a6f8.ash1-iad.github.net
 [10.56.155.39])
	by smtp.github.com (Postfix) with ESMTPA id 85F476009E0
	for <pgadmin-hackers@lists.postgresql.org>;
 Mon, 18 Sep 2023 01:31:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com;
	s=pf2023; t=1695025883;
	bh=fEqvt8ur8pYOkNaTANLd4b3E2wm7Ut6j2dXOpcBJrpc=;
	h=Date:From:To:Subject:From;
	b=asIr2Gfi1YaLnB2tivekBDRIa33YMPg0eCOTZw46CCa4e0ICSUzthx6NZW/Y2PyWL
	 6wi1FAuy0GMFLMgr2G9F0m6p3893M3Hpmd6g7Fs32rAMQvU9KUTcMWjAX5SZLalEMY
	 kVIafA86jd8eNjVzJXFF1BR/dN/njF3604lMvf5A=
Date: Mon, 18 Sep 2023 01:31:23 -0700
From: Aditya Toshniwal <noreply@github.com>
To: pgadmin-hackers@lists.postgresql.org
Message-ID: 
 <pgadmin-org/pgadmin4/push/refs/heads/master/0d111e-02ecc8@github.com>
Subject: [pgadmin-org/pgadmin4] 02ecc8: Fix a security related issue where an
 authenticate...
Mime-Version: 1.0
Content-Type: text/plain;
 charset=UTF-8
Content-Transfer-Encoding: 7bit
X-GitHub-Recipient-Address: pgadmin-hackers@lists.postgresql.org
X-Auto-Response-Suppress: All
List-Id: <pgadmin-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgadmin-hackers@lists.postgresql.org>
List-Owner: <mailto:pgadmin-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgadmin-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/pgadmin-org/pgadmin4/push/refs/heads/master/0d111e-02ecc8%40github.com>
Precedence: bulk

  Branch: refs/heads/master
  Home:   https://github.com/pgadmin-org/pgadmin4
  Commit: 02ecc82e73f12e84e54c3947ada943d80f746c87
      https://github.com/pgadmin-org/pgadmin4/commit/02ecc82e73f12e84e54c3947ada943d80f746c87
  Author: Aditya Toshniwal <aditya.toshniwal@enterprisedb.com>
  Date:   2023-09-18 (Mon, 18 Sep 2023)

  Changed paths:
    M docs/en_US/release_notes_7_7.rst
    M web/pgadmin/misc/__init__.py
    M web/pgadmin/misc/file_manager/__init__.py

  Log Message:
  -----------
  Fix a security related issue where an authenticated user can run remote command using validate binary path API (CVE-2023-5002). #6763 (#6764)