Quick Links

Re: BUG #2052: Federal Agency Tech Hub Refuses to Accept Postgresql on Network because of Security Vulnerabilities

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	"Ferindo Middleton" <fmiddleton(at)verizon(dot)net>
Cc:	pgsql-bugs(at)postgresql(dot)org
Subject:	Re: BUG #2052: Federal Agency Tech Hub Refuses to Accept Postgresql on Network because of Security Vulnerabilities
Date:	2005-11-18 14:32:43
Message-ID:	5821.1132324363@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs pgsql-hackers pgsql-www

"Ferindo Middleton" <fmiddleton(at)verizon(dot)net> writes:
> This bug report involves more than one proposed bug. I work at a federal
> government agency. The information technology division at this agency
> refuses to allow the database version 8.0.4 on their network because of
> several security vulnerabilities they noticed when testing the software
> application.

They obviously haven't "tested" anything --- they are merely reading the
CVE reports for old Postgres versions. All known CVE problems are
resolved in 8.0.4.

(If they were actually serious about security, they wouldn't be letting
you run Windows 2000 inside their network, but I digress.)

regards, tom lane

In response to

BUG #2052: Federal Agency Tech Hub Refuses to Accept Postgresql on Network because of Security Vulnerabilities at 2005-11-18 03:54:36 from Ferindo Middleton

Responses

Re: BUG #2052: Federal Agency Tech Hub Refuses to Accept at 2005-11-22 00:00:15 from Ferindo Middleton Jr

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Tom Lane	2005-11-18 14:39:41	Re: BUG #2049: pg_dump BACKUP error
Previous Message	Ferindo Middleton	2005-11-18 03:54:36	BUG #2052: Federal Agency Tech Hub Refuses to Accept Postgresql on Network because of Security Vulnerabilities

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Andrew Dunstan	2005-11-18 14:46:06	Re: Optional postgres database not so optional in 8.1
Previous Message	Tom Lane	2005-11-18 14:26:50	Re: Optional postgres database not so optional in 8.1

Browse pgsql-www by date

	From	Date	Subject
Next Message	Stephen Frost	2005-11-18 15:08:50	Re: BUG #2052: Federal Agency Tech Hub Refuses to Accept Postgresql on Network because of Security Vulnerabilities
Previous Message	Ferindo Middleton	2005-11-18 03:54:36	BUG #2052: Federal Agency Tech Hub Refuses to Accept Postgresql on Network because of Security Vulnerabilities