Re: CAN-2005-0247

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: yo mero <debianier(at)gmail(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: CAN-2005-0247
Date: 2005-02-25 19:40:25
Message-ID: 7513.1109360425@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

yo mero <debianier(at)gmail(dot)com> writes:
> Hello I saw this :
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-0247
> is 8.0.1 Safe ?

No --- at least not the source-code releases. Red Hat's 8.0.1 RPMs
include the patch, and I think the latest community RPMs do too.

> is there a patch ?

http://developer.postgresql.org/cvsweb.cgi/pgsql/src/pl/plpgsql/src/gram.y.diff?r1=text&tr1=1.64.4.1&r2=text&tr2=1.64.4.3

The patches for other branches besides 8.0 are available from CVS
as well.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message operationsengineer1 2005-02-25 20:02:17 Boolean
Previous Message Tom Lane 2005-02-25 19:34:41 Re: Development schedule