Quick Links

Re: Fix to CVE-2006-0553 for 8.1.1

From:	Albert Chin <pgsql-hackers(at)mlists(dot)thewrittenword(dot)com>
To:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Fix to CVE-2006-0553 for 8.1.1
Date:	2006-02-19 22:29:32
Message-ID:	20060219222931.GC93931@mail1.thewrittenword.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Sun, Feb 19, 2006 at 05:14:32PM -0500, Tom Lane wrote:
> Albert Chin <pgsql-hackers(at)mlists(dot)thewrittenword(dot)com> writes:
> > Does the patch below look like the correct fix to CVE-2006-0553 if
> > running 8.1.1?
>
> Why in the world would you not install 8.1.3 instead? Or are you hoping
> to get burnt by one of the *other* bugs in 8.1.1?

We've already deployed 8.1.1 to some customers. We will offer 8.1.3
but if they want to upgrade 8.1.1 to fix the security issue, we want
this to be an option.

--
albert chin (china(at)thewrittenword(dot)com)

In response to

Re: Fix to CVE-2006-0553 for 8.1.1 at 2006-02-19 22:14:32 from Tom Lane

Responses

Re: Fix to CVE-2006-0553 for 8.1.1 at 2006-02-20 01:58:38 from Tom Lane

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Martijn van Oosterhout	2006-02-19 22:34:21	Re: Domains and supporting functions
Previous Message	Steve Atkins	2006-02-19 22:14:47	Re: pg_service.conf