Opened 10 years ago
Closed 9 years ago
#3094 closed defect (fixed)
GeoJSON inputs crash backend
| Reported by: | pramsey | Owned by: | pramsey |
|---|---|---|---|
| Priority: | medium | Milestone: | PostGIS 2.0.7 |
| Component: | postgis | Version: | master |
| Keywords: | Cc: |
Description
Some ill-formed GeoJSON inputs crash the backend. Given the likelihood that many systems pass unsanitized GeoJSON to the server, I'm going to leave the examples off this ticket until the regression tests are added later. This affects 2.0, 2.1 and trunk.
Change History (5)
comment:1 by , 10 years ago
comment:4 by , 10 years ago
It would help tracking which distributions have fixed this issue and to make them aware of the issue.
It is not a must, eg Debian already has some fixes uploaded. Ideally, this would have been done earlier. Anyway, more info here: https://github.com/RedHatProductSecurity/CVE-HOWTO
comment:5 by , 9 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
Actual code fixes went into r13399, r13400, r13401