Home > mailing lists

Re: Vulnerability identified with Postgres 13.4 for Windows - Mailing list pgsql-hackers

From	Justin Pryzby
Subject	Re: Vulnerability identified with Postgres 13.4 for Windows
Date	October 30, 2021 22:10:32
Msg-id	20211030191032.GK31568@telsasoft.com Whole thread Raw
In response to	Vulnerability identified with Postgres 13.4 for Windows ("Joel Mariadasan (jomariad)" <jomariad@cisco.com>)
List	pgsql-hackers

Tree view

On Fri, Oct 29, 2021 at 10:40:06AM +0000, Joel Mariadasan (jomariad) wrote:
> Hi,
> 
> The scanning tool used by our organization has detected the presence of vulnerable libxml version in the latest
Postgres13.4 release for windows (Zip version).
 
> 
> Detected by Automated Scanning tool:
> libxml   2.9.10
> 
> Can you confirm if this is the same version of libxml used in Postgres?
> We want to confirm if the detection is a false positive or a vulnerability.

Joel: Could you provide the exact link for the postgres ZIP you used ?

-- 
Justin

pgsql-hackers by date:

From: Daniel Gustafsson
Date: 30 October 2021, 21:41:45
Subject: Re: Add additional information to src/test/ssl/README

From: Tom Lane
Date: 30 October 2021, 23:48:40
Subject: Re: Add additional information to src/test/ssl/README

Re: Vulnerability identified with Postgres 13.4 for Windows - Mailing list pgsql-hackers

Previous

Next