From: | "Lee Wu" <Lwu(at)mxlogic(dot)com> |
---|---|
To: | "Magnus Hagander" <mha(at)sollentuna(dot)net>, "Alvaro Herrera" <alvherre(at)dcc(dot)uchile(dot)cl> |
Cc: | <pgsql-admin(at)postgresql(dot)org> |
Subject: | Re: Security Release |
Date: | 2005-03-30 19:02:03 |
Message-ID: | ECAB83AA52BCC043A0E24BBC00001024D2E6DF@mxhq-exch.corp.mxlogic.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Thanks,
I think I am clear now:
8.0.1, 7.4.7, 7.3.9, 7.2.7 are fixed versions,
while 8.0.0, 7.4.0-6, 7.3.0-8 and 7.2.0-6 are affected ones.
If, ie, my PG version is 7.4.3, I need to upgrade to 7.4.7.
-----Original Message-----
From: Magnus Hagander [mailto:mha(at)sollentuna(dot)net]
Sent: Wednesday, March 30, 2005 11:58 AM
To: Alvaro Herrera; Lee Wu
Cc: pgsql-admin(at)postgresql(dot)org
Subject: SV: [ADMIN] Security Release
>> 2. Which versions does the security hole affect? (Back from 7.2
>> till 8.0?)
>>
>> Link
>> http://archives.postgresql.org/pgsql-general/2005-02/msg00384.php
>> <http://archives.postgresql.org/pgsql-general/2005-02/msg00384.php>
>> says "Version(s): 8.0.1, 7.4.7, 7.3.9, 7.2.7",
>> does that mean this security only occur in those versions?
>
>Releases previous to 7.2 are not supported, so no patch is
>produced even
>if they are affected.
It does, however, occur in 8.0.0, 7.4.0-6, 7.3.0-8 and 7.2.0-6. Not sure
if that's what the original question was about, but in case there is any
uncertainty about it...
It specifically does *not* occur in the versions listed in that
advisory, those are the fixed ones.
//Magnus
From | Date | Subject | |
---|---|---|---|
Next Message | Steven Erickson | 2005-03-30 20:00:01 | Logging question |
Previous Message | Magnus Hagander | 2005-03-30 18:57:33 | Re: Security Release |