Skip site navigation (1) Skip section navigation (2)

Re: Security Release

From: "Lee Wu" <Lwu(at)mxlogic(dot)com>
To: "Magnus Hagander" <mha(at)sollentuna(dot)net>,"Alvaro Herrera" <alvherre(at)dcc(dot)uchile(dot)cl>
Cc: <pgsql-admin(at)postgresql(dot)org>
Subject: Re: Security Release
Date: 2005-03-30 19:02:03
Message-ID: ECAB83AA52BCC043A0E24BBC00001024D2E6DF@mxhq-exch.corp.mxlogic.com (view raw or flat)
Thread:
Lists: pgsql-admin
Thanks,

I think I am clear now:
8.0.1, 7.4.7, 7.3.9, 7.2.7 are fixed versions,
while 8.0.0, 7.4.0-6, 7.3.0-8 and 7.2.0-6 are affected ones.
If, ie, my PG version is 7.4.3, I need to upgrade to 7.4.7.

-----Original Message-----
From: Magnus Hagander [mailto:mha(at)sollentuna(dot)net] 
Sent: Wednesday, March 30, 2005 11:58 AM
To: Alvaro Herrera; Lee Wu
Cc: pgsql-admin(at)postgresql(dot)org
Subject: SV: [ADMIN] Security Release

>> 2.	Which versions does the security hole affect? (Back from 7.2
>> till 8.0?)
>> 
>>       Link
>> http://archives.postgresql.org/pgsql-general/2005-02/msg00384.php
>> <http://archives.postgresql.org/pgsql-general/2005-02/msg00384.php>
>> says "Version(s): 8.0.1, 7.4.7, 7.3.9, 7.2.7", 
>>       does that mean this security only occur in those versions?
>
>Releases previous to 7.2 are not supported, so no patch is 
>produced even
>if they are affected.

It does, however, occur in 8.0.0, 7.4.0-6, 7.3.0-8 and 7.2.0-6. Not sure
if that's what the original question was about, but in case there is any
uncertainty about it... 

It specifically does *not* occur in the versions listed in that
advisory, those are the fixed ones.

//Magnus

pgsql-admin by date

Next:From: Steven EricksonDate: 2005-03-30 20:00:01
Subject: Logging question
Previous:From: Magnus HaganderDate: 2005-03-30 18:57:33
Subject: Re: Security Release

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group