| From: | Noah Misch <noah(at)leadboat(dot)com> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
| Cc: | Troels Nielsen <bn(dot)troels(at)gmail(dot)com>, Pg Hackers <pgsql-hackers(at)postgresql(dot)org>, Sean Chittenden <sean(at)chittenden(dot)org> |
| Subject: | Re: SSL renegotiation |
| Date: | 2013-07-13 00:51:52 |
| Message-ID: | 20130713005152.GA1219036@tornado.leadboat.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers pgsql-hackers |
On Fri, Jul 12, 2013 at 04:32:52PM -0400, Alvaro Herrera wrote:
> Now, should we support the 0.9.6-and-earlier mechanism? My inclination
> is no; even RHEL 3, the oldest supported Linux distribution, uses 0.9.7
> (Heck, even Red Hat Linux 9, released on 2003). To see OpenSSL 0.9.6
> you need to go back to Red Hat Linux 7.2, released on 2001 using a Linux
> kernel 2.4. Surely no one in their right mind would use a current
> Postgres release on such an ancient animal.
Agreed. The OpenSSL Project last applied a security fix to 0.9.6 over eight
years ago. Compatibility with 0.9.6 has zero or negative value.
--
Noah Misch
EnterpriseDB http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2013-07-13 01:27:36 | pgsql: Add session_preload_libraries configuration parameter |
| Previous Message | Noah Misch | 2013-07-12 22:30:01 | pgsql: Make comments reflect that omission of SPI_gettypmod() is intent |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Josh Berkus | 2013-07-13 01:04:39 | --with-libedit-preferred is bad design |
| Previous Message | Mark Wong | 2013-07-12 23:42:13 | Re: [Review] Add SPI_gettypmod() to return a field's typemod from a TupleDesc / audit of [E] TODO items |