Re: Fix to CVE-2006-0553 for 8.1.1 - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Fix to CVE-2006-0553 for 8.1.1
Date
Msg-id 15237.1140400718@sss.pgh.pa.us
Whole thread Raw
In response to Re: Fix to CVE-2006-0553 for 8.1.1  (Albert Chin <pgsql-hackers@mlists.thewrittenword.com>)
List pgsql-hackers
Albert Chin <pgsql-hackers@mlists.thewrittenword.com> writes:
> On Sun, Feb 19, 2006 at 05:14:32PM -0500, Tom Lane wrote:
>> Why in the world would you not install 8.1.3 instead?  Or are you hoping
>> to get burnt by one of the *other* bugs in 8.1.1?

> We've already deployed 8.1.1 to some customers. We will offer 8.1.3
> but if they want to upgrade 8.1.1 to fix the security issue, we want
> this to be an option.

You want an option to leave data-loss-causing bugs unfixed, eh?  Make
sure you make those customers sign a disclaimer that it's their fault
not yours when the ReadBuffer bug eats their data.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Douglas McNaught
Date:
Subject: Re: postgresql query string length limit
Next
From: Christopher Kings-Lynne
Date:
Subject: Re: [PERFORM] Need pointers to "standard" pg database(s) for testing