Re: [Fwd: [SECURITY] [DSA 516-1] New odbc-postgresql packages fix denial of service]

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Shachar Shemesh <psql(at)shemesh(dot)biz>, PostgreSQL ODBC <psgsql-odbc(at)postgresql(dot)org>
Subject: Re: [Fwd: [SECURITY] [DSA 516-1] New odbc-postgresql packages fix denial of service]
Date: 2004-06-10 18:08:56
Message-ID: 200406102008.56472.peter_e@gmx.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-odbc

Shachar Shemesh wrote:
> Can anyone comment on where this fix is coming from? Was it found and
> fixed by the Debian maintainer? Is the fix integrated into the ODBC
> available from gborg? What other platforms are affected by it?

The fix was made by the Debian maintainer after discussion on the
pgsql-bugs list. It is not integrated in the upstream sources yet,
partially because it is not a proper fix, more a stop gap. I think the
ODBC driver is full of more buffer overflows and needs a serious audit.

In response to

Browse pgsql-odbc by date

  From Date Subject
Next Message Raymond O'Donnell 2004-06-11 20:24:52 bytea and ODBC
Previous Message Janet Borschowa 2004-06-10 18:03:10 Re: Help with casting timestamp column