Re: Postgres buffer overflow in stable .
On Wed, 2002-09-11 at 03:39, Jean-Francois Dive wrote:
> Hello all,
> The bug 155419 opened 37 days old point to a serious security issue with postgres
> as i can lead to DOS from local users or worst, make non-serious SQL / perl / php
> bugs worst (from non exploitable to DOS capable). As far as i can see, Oliver tried
> to upload 7.2.2-X in woody and i suppose it have been properly refused by ftpmaster
> and even worst was not uploaded as a security update.
> So, What the ? As far as i can see, the port of the fixes to 7.2.1 should not be a major
> issue. Could anything beeing done for this ? I can make the packages if needed.
The proposed upgrade is being negotiated with the security team.
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight, UK
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
"I am crucified with Christ; nevertheless I live; yet
not I, but Christ liveth in me; and the life which I
now live in the flesh I live by the faith of the Son
of God, who loved me, and gave himself for me."