public inbox for [email protected]help / color / mirror / Atom feed
pgsql: Require PGP-decrypted text to pass encoding validation. 6+ messages / 1 participants [nested] [flat]
* pgsql: Require PGP-decrypted text to pass encoding validation. @ 2026-02-09 14:16 Noah Misch <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Noah Misch @ 2026-02-09 14:16 UTC (permalink / raw) To: [email protected] Require PGP-decrypted text to pass encoding validation. pgp_sym_decrypt() and pgp_pub_decrypt() will raise such errors, while bytea variants will not. The existing "dat3" test decrypted to non-UTF8 text, so switch that query to bytea. The long-term intent is for type "text" to always be valid in the database encoding. pgcrypto has long been known as a source of exceptions to that intent, but a report about exploiting invalid values of type "text" brought this module to the forefront. This particular exception is straightforward to fix, with reasonable effect on user queries. Back-patch to v14 (all supported versions). Reported-by: Paul Gerste (as part of zeroday.cloud) Reported-by: Moritz Sanft (as part of zeroday.cloud) Author: shihao zhong <[email protected]> Reviewed-by: cary huang <[email protected]> Discussion: https://postgr.es/m/CAGRkXqRZyo0gLxPJqUsDqtWYBbgM14betsHiLRPj9mo2=z9VvA@mail.gmail.com Backpatch-through: 14 Security: CVE-2026-2006 Branch ------ REL_14_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/8373ed09440f0f20582da3e4b95e6d2eb76e99bb Modified Files -------------- contrib/pgcrypto/expected/pgp-decrypt.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/expected/pgp-decrypt_1.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/pgp-pgsql.c | 2 ++ contrib/pgcrypto/sql/pgp-decrypt.sql | 22 +++++++++++++++++++++- 4 files changed, 67 insertions(+), 3 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Require PGP-decrypted text to pass encoding validation. @ 2026-02-09 14:16 Noah Misch <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Noah Misch @ 2026-02-09 14:16 UTC (permalink / raw) To: [email protected] Require PGP-decrypted text to pass encoding validation. pgp_sym_decrypt() and pgp_pub_decrypt() will raise such errors, while bytea variants will not. The existing "dat3" test decrypted to non-UTF8 text, so switch that query to bytea. The long-term intent is for type "text" to always be valid in the database encoding. pgcrypto has long been known as a source of exceptions to that intent, but a report about exploiting invalid values of type "text" brought this module to the forefront. This particular exception is straightforward to fix, with reasonable effect on user queries. Back-patch to v14 (all supported versions). Reported-by: Paul Gerste (as part of zeroday.cloud) Reported-by: Moritz Sanft (as part of zeroday.cloud) Author: shihao zhong <[email protected]> Reviewed-by: cary huang <[email protected]> Discussion: https://postgr.es/m/CAGRkXqRZyo0gLxPJqUsDqtWYBbgM14betsHiLRPj9mo2=z9VvA@mail.gmail.com Backpatch-through: 14 Security: CVE-2026-2006 Branch ------ REL_16_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/0c33d560899f80f23bb393269e992fa104e8c79f Modified Files -------------- contrib/pgcrypto/expected/pgp-decrypt.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/expected/pgp-decrypt_1.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/pgp-pgsql.c | 2 ++ contrib/pgcrypto/sql/pgp-decrypt.sql | 22 +++++++++++++++++++++- 4 files changed, 67 insertions(+), 3 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Require PGP-decrypted text to pass encoding validation. @ 2026-02-09 14:16 Noah Misch <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Noah Misch @ 2026-02-09 14:16 UTC (permalink / raw) To: [email protected] Require PGP-decrypted text to pass encoding validation. pgp_sym_decrypt() and pgp_pub_decrypt() will raise such errors, while bytea variants will not. The existing "dat3" test decrypted to non-UTF8 text, so switch that query to bytea. The long-term intent is for type "text" to always be valid in the database encoding. pgcrypto has long been known as a source of exceptions to that intent, but a report about exploiting invalid values of type "text" brought this module to the forefront. This particular exception is straightforward to fix, with reasonable effect on user queries. Back-patch to v14 (all supported versions). Reported-by: Paul Gerste (as part of zeroday.cloud) Reported-by: Moritz Sanft (as part of zeroday.cloud) Author: shihao zhong <[email protected]> Reviewed-by: cary huang <[email protected]> Discussion: https://postgr.es/m/CAGRkXqRZyo0gLxPJqUsDqtWYBbgM14betsHiLRPj9mo2=z9VvA@mail.gmail.com Backpatch-through: 14 Security: CVE-2026-2006 Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/d536aee5566354e42a1012da9dd3960e45402af5 Modified Files -------------- contrib/pgcrypto/expected/pgp-decrypt.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/expected/pgp-decrypt_1.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/pgp-pgsql.c | 2 ++ contrib/pgcrypto/sql/pgp-decrypt.sql | 22 +++++++++++++++++++++- 4 files changed, 67 insertions(+), 3 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Require PGP-decrypted text to pass encoding validation. @ 2026-02-09 14:16 Noah Misch <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Noah Misch @ 2026-02-09 14:16 UTC (permalink / raw) To: [email protected] Require PGP-decrypted text to pass encoding validation. pgp_sym_decrypt() and pgp_pub_decrypt() will raise such errors, while bytea variants will not. The existing "dat3" test decrypted to non-UTF8 text, so switch that query to bytea. The long-term intent is for type "text" to always be valid in the database encoding. pgcrypto has long been known as a source of exceptions to that intent, but a report about exploiting invalid values of type "text" brought this module to the forefront. This particular exception is straightforward to fix, with reasonable effect on user queries. Back-patch to v14 (all supported versions). Reported-by: Paul Gerste (as part of zeroday.cloud) Reported-by: Moritz Sanft (as part of zeroday.cloud) Author: shihao zhong <[email protected]> Reviewed-by: cary huang <[email protected]> Discussion: https://postgr.es/m/CAGRkXqRZyo0gLxPJqUsDqtWYBbgM14betsHiLRPj9mo2=z9VvA@mail.gmail.com Backpatch-through: 14 Security: CVE-2026-2006 Branch ------ REL_15_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/8f8b1ffac063afb22e3a07bdc6ddcb048116cfbb Modified Files -------------- contrib/pgcrypto/expected/pgp-decrypt.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/expected/pgp-decrypt_1.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/pgp-pgsql.c | 2 ++ contrib/pgcrypto/sql/pgp-decrypt.sql | 22 +++++++++++++++++++++- 4 files changed, 67 insertions(+), 3 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Require PGP-decrypted text to pass encoding validation. @ 2026-02-09 14:16 Noah Misch <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Noah Misch @ 2026-02-09 14:16 UTC (permalink / raw) To: [email protected] Require PGP-decrypted text to pass encoding validation. pgp_sym_decrypt() and pgp_pub_decrypt() will raise such errors, while bytea variants will not. The existing "dat3" test decrypted to non-UTF8 text, so switch that query to bytea. The long-term intent is for type "text" to always be valid in the database encoding. pgcrypto has long been known as a source of exceptions to that intent, but a report about exploiting invalid values of type "text" brought this module to the forefront. This particular exception is straightforward to fix, with reasonable effect on user queries. Back-patch to v14 (all supported versions). Reported-by: Paul Gerste (as part of zeroday.cloud) Reported-by: Moritz Sanft (as part of zeroday.cloud) Author: shihao zhong <[email protected]> Reviewed-by: cary huang <[email protected]> Discussion: https://postgr.es/m/CAGRkXqRZyo0gLxPJqUsDqtWYBbgM14betsHiLRPj9mo2=z9VvA@mail.gmail.com Backpatch-through: 14 Security: CVE-2026-2006 Branch ------ REL_18_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/b427091947e59788289e80f0ff4279cb7d32dab1 Modified Files -------------- contrib/pgcrypto/expected/pgp-decrypt.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/expected/pgp-decrypt_1.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/pgp-pgsql.c | 2 ++ contrib/pgcrypto/sql/pgp-decrypt.sql | 22 +++++++++++++++++++++- 4 files changed, 67 insertions(+), 3 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Require PGP-decrypted text to pass encoding validation. @ 2026-02-09 14:16 Noah Misch <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Noah Misch @ 2026-02-09 14:16 UTC (permalink / raw) To: [email protected] Require PGP-decrypted text to pass encoding validation. pgp_sym_decrypt() and pgp_pub_decrypt() will raise such errors, while bytea variants will not. The existing "dat3" test decrypted to non-UTF8 text, so switch that query to bytea. The long-term intent is for type "text" to always be valid in the database encoding. pgcrypto has long been known as a source of exceptions to that intent, but a report about exploiting invalid values of type "text" brought this module to the forefront. This particular exception is straightforward to fix, with reasonable effect on user queries. Back-patch to v14 (all supported versions). Reported-by: Paul Gerste (as part of zeroday.cloud) Reported-by: Moritz Sanft (as part of zeroday.cloud) Author: shihao zhong <[email protected]> Reviewed-by: cary huang <[email protected]> Discussion: https://postgr.es/m/CAGRkXqRZyo0gLxPJqUsDqtWYBbgM14betsHiLRPj9mo2=z9VvA@mail.gmail.com Backpatch-through: 14 Security: CVE-2026-2006 Branch ------ REL_17_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/dc072a09ad6a0b89d021047b2418f517a430966d Modified Files -------------- contrib/pgcrypto/expected/pgp-decrypt.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/expected/pgp-decrypt_1.out | 23 ++++++++++++++++++++++- contrib/pgcrypto/pgp-pgsql.c | 2 ++ contrib/pgcrypto/sql/pgp-decrypt.sql | 22 +++++++++++++++++++++- 4 files changed, 67 insertions(+), 3 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
end of thread, other threads:[~2026-02-09 14:16 UTC | newest] Thread overview: 6+ messages (download: mbox mbox.gz follow: Atom feed) -- links below jump to the message on this page -- 2026-02-09 14:16 pgsql: Require PGP-decrypted text to pass encoding validation. Noah Misch <[email protected]> 2026-02-09 14:16 pgsql: Require PGP-decrypted text to pass encoding validation. Noah Misch <[email protected]> 2026-02-09 14:16 pgsql: Require PGP-decrypted text to pass encoding validation. Noah Misch <[email protected]> 2026-02-09 14:16 pgsql: Require PGP-decrypted text to pass encoding validation. Noah Misch <[email protected]> 2026-02-09 14:16 pgsql: Require PGP-decrypted text to pass encoding validation. Noah Misch <[email protected]> 2026-02-09 14:16 pgsql: Require PGP-decrypted text to pass encoding validation. Noah Misch <[email protected]>
This inbox is served by agora; see mirroring instructions for how to clone and mirror all data and code used for this inbox