Re: Fix to CVE-2006-0553 for 8.1.1 - Mailing list pgsql-hackers

From Albert Chin
Subject Re: Fix to CVE-2006-0553 for 8.1.1
Date
Msg-id 20060219222931.GC93931@mail1.thewrittenword.com
Whole thread Raw
In response to Re: Fix to CVE-2006-0553 for 8.1.1  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: Fix to CVE-2006-0553 for 8.1.1
List pgsql-hackers
On Sun, Feb 19, 2006 at 05:14:32PM -0500, Tom Lane wrote:
> Albert Chin <pgsql-hackers@mlists.thewrittenword.com> writes:
> > Does the patch below look like the correct fix to CVE-2006-0553 if
> > running 8.1.1?
> 
> Why in the world would you not install 8.1.3 instead?  Or are you hoping
> to get burnt by one of the *other* bugs in 8.1.1?

We've already deployed 8.1.1 to some customers. We will offer 8.1.3
but if they want to upgrade 8.1.1 to fix the security issue, we want
this to be an option.

-- 
albert chin (china@thewrittenword.com)


pgsql-hackers by date:

Previous
From: Steve Atkins
Date:
Subject: Re: pg_service.conf
Next
From: Martijn van Oosterhout
Date:
Subject: Re: Domains and supporting functions