Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in - Mailing list pgsql-hackers
| From | Robert Treat |
|---|---|
| Subject | Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in |
| Date | |
| Msg-id | 1029953961.19543.33.camel@camel Whole thread Raw |
| In response to | Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in (Bruce Momjian <pgman@candle.pha.pa.us>) |
| Responses |
Dev Cycles (Was: Re: @(#)Mordred Labs advisory 0x...)
("Marc G. Fournier" <scrappy@hub.org>)
Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in (Bruce Momjian <pgman@candle.pha.pa.us>) |
| List | pgsql-hackers |
Let me see if I have my "release dates" straight: A 7.2.2 release in the next week or so that fixes the bugtraq buffer overflows and timestamp issues A 7.3 beta on Sept 1st that has all the new schema jazz and also the fixes for opaque (as well as other stuff from todo) during which time we get more security auditing Hopefully an official 7.3 release on October 1. 7.4/8.0 development will start and native windows and PITR patches can start being submitted for that? Robert Treat On Wed, 2002-08-21 at 14:06, Bruce Momjian wrote: > > OK, beta starts on time, September 1. I agree we should keep the > agreed-upon date, and that the propsed features aren't ready, but I had > to let the discussion happen so people felt their opinions where being > heard. > > --------------------------------------------------------------------------- > > Marc G. Fournier wrote: > > On Wed, 21 Aug 2002, Bruce Momjian wrote: > > > > > Justin Clift wrote: > > > > Reckon it's worth asking him, to find out if he'd be interested in this? > > > > > > > > > I wouldn't do it yet until we know if we are going to delay. > > > > Any security audit of the code should *not* be done while the code is in > > flux, and if we delay, the code would be in flux since the delay would be > > to throw in a load of other code that would invalidate the audit results > > ... > > > > > Oh, so it is Jan's group. Great news; wish someone would have told me > > > sooner. I removed the Win32 off the open items list because, with no > > > info and no one commenting on the item, it seemed dead for 7.3. > > > > And it should be ... we can put the Win32 patches up on the ftp site for > > ppl to play with if they want, but to include it at this late a date would > > be irresponsible ... > > > > > Well, PITR is a much more desired feature even than Win32; the big > > > question is how long PITR will actually take, seeing as we haven't see > > > any patches yet. > > > > > > However, we haven't seen any Win32 patches yet either, so they are in > > > the same boat as far as I am concerned. > > > > > > We have an open items list that is pretty much ready for 7.3. The only > > > open items of significance left is whether schema/DROP COLUMN stuff is > > > ready in all the interfaces/apps. > > > > We set a timeline for beta ... this time, let's stick to it ... its not > > like we didn't advertise when we were going into beta ... hell, even when > > the patches are presented for PITR support, who knows whether they will be > > accepted, or what kinda bugs they are going to throw into the mix, or ... > > > > > > -- > Bruce Momjian | http://candle.pha.pa.us > pgman@candle.pha.pa.us | (610) 359-1001 > + If your life is a hard drive, | 13 Roberts Road > + Christ can be your backup. | Newtown Square, Pennsylvania 19073 > > ---------------------------(end of broadcast)--------------------------- > TIP 3: if posting/reading through Usenet, please send an appropriate > subscribe-nomail command to majordomo@postgresql.org so that your > message can get through to the mailing list cleanly
pgsql-hackers by date: