svn commit: r529829 - head/security/vuxml
Palle Girgensohn
girgen at FreeBSD.org
Sun Mar 29 20:25:48 UTC 2020
Author: girgen
Date: Sun Mar 29 19:50:00 2020
New Revision: 529829
URL: https://svnweb.freebsd.org/changeset/ports/529829
Log:
Fix validation error
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Sun Mar 29 19:46:16 2020 (r529828)
+++ head/security/vuxml/vuln.xml Sun Mar 29 19:50:00 2020 (r529829)
@@ -86,13 +86,13 @@ Notes:
Versions Affected: 9.6 - 12
</p>
<p>
- The ALTER ... DEPENDS ON EXTENSION sub-commands do not perform
- authorization checks, which can allow an unprivileged user to drop
- any function, procedure, materialized view, index, or trigger under
- certain conditions. This attack is possible if an administrator has
- installed an extension and an unprivileged user can CREATE, or an
- extension owner either executes DROP EXTENSION predictably or can be
- convinced to execute DROP EXTENSION.
+ The ALTER ... DEPENDS ON EXTENSION sub-commands do not perform
+ authorization checks, which can allow an unprivileged user to drop
+ any function, procedure, materialized view, index, or trigger under
+ certain conditions. This attack is possible if an administrator has
+ installed an extension and an unprivileged user can CREATE, or an
+ extension owner either executes DROP EXTENSION predictably or can be
+ convinced to execute DROP EXTENSION.
</p>
</blockquote>
</body>
More information about the svn-ports-all
mailing list