Skip site navigation (1) Skip section navigation (2)

Re: why was libpq.so's version number bumped?

From: Florian Weimer <Weimer(at)CERT(dot)Uni-Stuttgart(dot)DE>
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: why was libpq.so's version number bumped?
Date: 2003-01-03 09:57:01
Message-ID: 87smwaftea.fsf@Login.CERT.Uni-Stuttgart.DE (view raw or flat)
Thread:
Lists: pgsql-hackers
"Neil Conway" <neilc(at)samurai(dot)com> writes:

> Christopher Kings-Lynne said:
>> There have been HEAPS of security fixes between 7.2 and 7.3.
>
> That's only the case if your definition of a "security fix" is pretty fast
> and loose -- as yours seems to be.

Hmm?  On 7.2, an unpriviliged database user can read the more or less
the whole memory image of the server process.  On 7.3, this has been
fixed.

-- 
Florian Weimer 	                  Weimer(at)CERT(dot)Uni-Stuttgart(dot)DE
University of Stuttgart           http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT                          fax +49-711-685-5898

In response to

Responses

pgsql-hackers by date

Next:From: Florian WeimerDate: 2003-01-03 09:58:13
Subject: Re: why was libpq.so's version number bumped?
Previous:From: Joe ConwayDate: 2003-01-03 01:10:03
Subject: targetlist functions proposals (was SETOF input parameters)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group